CVE-2022-36265 - OpenCVE

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Hidden system command web page. After performing a reverse engineering of the firmware, it was discovered that a hidden page not listed in the administration management interface allows a user to execute Linux commands on the device with root privileges. An authenticated malicious threat actor can use this page to fully compromise the device.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Airspan	Airspot 5410 Firmware Airspot 5410

Configuration 1 [-]

AND

cpe:2.3:o:airspan:airspot_5410_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:airspan:airspot_5410:-:*:*:*:*:*:*:*

References

Link	Resource
https://gist.github.com/Nwqda/e82b3155401b094372195fdaa9b54833	Exploit Mitigation Third Party Advisory
https://wdi.rfwel.com/cdn/techdocs/AirSpot5410.pdf	Product Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-08-08T14:36:44

Updated: 2022-08-08T14:36:44

Reserved: 2022-07-18T00:00:00

Link: CVE-2022-36265

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-08-08T15:15:08.943

Modified: 2022-08-12T14:59:06.123

Link: CVE-2022-36265

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Hidden system command web page. After performing a reverse engineering of the firmware, it was discovered that a hidden page not listed in the administration management interface allows a user to execute Linux commands on the device with root privileges. An authenticated malicious threat actor can use this page to fully compromise the device."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-08-08T14:36:44", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://gist.github.com/Nwqda/e82b3155401b094372195fdaa9b54833"}, {"tags": ["x_refsource_MISC"], "url": "https://wdi.rfwel.com/cdn/techdocs/AirSpot5410.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-36265", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Hidden system command web page. After performing a reverse engineering of the firmware, it was discovered that a hidden page not listed in the administration management interface allows a user to execute Linux commands on the device with root privileges. An authenticated malicious threat actor can use this page to fully compromise the device."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://gist.github.com/Nwqda/e82b3155401b094372195fdaa9b54833", "refsource": "MISC", "url": "https://gist.github.com/Nwqda/e82b3155401b094372195fdaa9b54833"}, {"name": "https://wdi.rfwel.com/cdn/techdocs/AirSpot5410.pdf", "refsource": "MISC", "url": "https://wdi.rfwel.com/cdn/techdocs/AirSpot5410.pdf"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-36265", "datePublished": "2022-08-08T14:36:44", "dateReserved": "2022-07-18T00:00:00", "dateUpdated": "2022-08-08T14:36:44", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:airspan:airspot_5410_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "59C409B3-0CFA-48A0-BEF1-AB721401E8EE", "versionEndIncluding": "0.3.4.1-4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:airspan:airspot_5410:-:*:*:*:*:*:*:*", "matchCriteriaId": "3AF8C2B0-0EB8-41B8-B2AB-1EFB0AFE71FB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Hidden system command web page. After performing a reverse engineering of the firmware, it was discovered that a hidden page not listed in the administration management interface allows a user to execute Linux commands on the device with root privileges. An authenticated malicious threat actor can use this page to fully compromise the device."}, {"lang": "es", "value": "En Airspan AirSpot 5410 versiones 0.3.4.1-4 y anteriores, se presenta una p\u00e1gina web de comandos del sistema oculta. Tras llevar a cabo una ingenier\u00eda inversa del firmware, se ha detectado que una p\u00e1gina oculta que no aparece en la interfaz de administraci\u00f3n de la administraci\u00f3n permite a un usuario ejecutar comandos de Linux en el dispositivo con privilegios de root. Un actor malicioso autenticado puede usar esta p\u00e1gina para comprometer completamente el dispositivo"}], "id": "CVE-2022-36265", "lastModified": "2022-08-12T14:59:06.123", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-08T15:15:08.943", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://gist.github.com/Nwqda/e82b3155401b094372195fdaa9b54833"}, {"source": "cve@mitre.org", "tags": ["Product", "Third Party Advisory"], "url": "https://wdi.rfwel.com/cdn/techdocs/AirSpot5410.pdf"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}