Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2022-25219
HistoryMar 10, 2022 - 5:47 p.m.

CVE-2022-25219

2022-03-1017:47:02
[email protected]
web.nvd.nist.gov
67
cve-2022-25219
telnetd_startup daemon
null byte interaction error
predictable passwords
openssl
rsa_public_decrypt
vulnerability

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.5%

JSON

A null byte interaction error has been discovered in the code that the telnetd_startup daemon uses to construct a pair of ephemeral passwords that allow a user to spawn a telnet service on the router, and to ensure that the telnet service persists upon reboot. By means of a crafted exchange of UDP packets, an unauthenticated attacker on the local network can leverage this null byte interaction error in such a way as to make those ephemeral passwords predictable (with 1-in-94 odds). Since the attacker must manipulate data processed by the OpenSSL function RSA_public_decrypt(), successful exploitation of this vulnerability depends on the use of an unpadded RSA cipher (CVE-2022-25218).

Affected configurations

NVD
Node
phicommk2_firmwareRange22.5.9.163
AND
phicommk2Match-
Node
phicommk3_firmwareRange21.5.37.246
AND
phicommk3Match-
Node
phicommk3c_firmwareRange32.1.15.93
AND
phicommk3cMatch-
Node
phicommk2g_firmwareRange22.6.3.20
AND
phicommk2gMatch-
Node
phicommk2p_firmwareRange20.4.1.7
AND
phicommk2pMatch-

CNA Affected

[
  {
    "product": "Phicomm Routers",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "K3 >= 21.5.37.246, K3C >= 32.1.22.113, K2P >= 20.4.1.7, K2 A7 >= 22.6.506.28, K2G A1 >= 22.6.3.20"
      }
    ]
  }
]

Related

cve 1
prion 2
nvd 2
cvelist 2
cve
cve
CVE-2022-25218
2022-03-10 17:47:02
prion
prion
Design/Logic Flaw
2022-03-10 17:47:00
Design/Logic Flaw
2022-03-10 17:47:00
nvd
nvd
CVE-2022-25219
2022-03-10 17:47:02
CVE-2022-25218
2022-03-10 17:47:02
cvelist
cvelist
CVE-2022-25218
2022-03-07 21:50:25
CVE-2022-25219
2022-03-07 21:56:51

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.5%

JSON
Related for CVE-2022-25219
cve1prion2nvd2cvelist2