Lucene search
HistoryAug 10, 2022 - 8:15 p.m.
CVE-2022-32429
authentication
bypass
remote code execution
mega system technologies inc
msnswitch mnt.2408
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.231
Percentile
96.6%
An authentication-bypass issue in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh of Mega System Technologies Inc MSNSwitch MNT.2408 allows unauthenticated attackers to arbitrarily configure settings within the application, leading to remote code execution.
Affected configurations
Node
megatechmsnswitch_firmwareMatchmnt.2408
megatechmsnswitchMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| megatech | msnswitch_firmware | mnt.2408 | cpe:2.3:o:megatech:msnswitch_firmware:mnt.2408:*:*:*:*:*:*:* |
| megatech | msnswitch | - | cpe:2.3:h:megatech:msnswitch:-:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2022-32429
2022-08-10 20:15:48
exploitdb
exploitdb
MSNSwitch Firmware MNT.2408 - Remote Code Execution
2022-11-11 00:00:00
prion
prion
Authentication flaw
2022-08-10 20:15:00
cvelist
cvelist
CVE-2022-32429
2022-08-09 00:00:00
zdt
zdt
MSNSwitch Firmware MNT.2408 - Remote Code Exectuion Exploit
2022-11-11 00:00:00
nuclei
nuclei
MSNSwitch Firmware MNT.2408 - Authentication Bypass
2023-01-23 11:12:48
packetstorm
packetstorm
MSNSwitch Firmware MNT.2408 Remote Code Execution
2022-11-11 00:00:00
githubexploit
githubexploit
Exploit for Improper Authentication in Megatech Msnswitch Firmware
2023-02-23 03:33:41
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.231
Percentile
96.6%
Related for NVD:CVE-2022-32429