CVE-2022-3218 Necta WiFi Mouse (Mouse Server) client-side authentication bypass

2021-02-2500:00:00

CWE-603

rapid7

www.cve.org

10 High

AI Score

Confidence

High

0.919 High

EPSS

Percentile

98.9%

JSON

Due to a reliance on client-side authentication, the WiFi Mouse (Mouse Server) from Necta LLC’s authentication mechanism is trivially bypassed, which can result in remote code execution.

CNA Affected

[
  {
    "product": "WiFi Mouse (Mouse Server)",
    "vendor": "Necta LLC",
    "versions": [
      {
        "lessThanOrEqual": "1.8.3.4",
        "status": "affected",
        "version": "1.8.3.4",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "1.8.2.3",
        "status": "affected",
        "version": "1.8.2.3",
        "versionType": "custom"
      }
    ]
  }
]