
4 matches found

RedhatCVE
added 2025/05/22 9:47 p.m. | 4 views

CVE-2022-25218

The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local area network to achieve a significant degree of control over the "plaintext" to which an arbitrary blob of ciphertext will be decrypted by OpenSSL's...

CVSS: 9.3 | AI score: 6.5 | EPSS: 0.01564
Exploits: 2 | References: 1
NVD
added 2022/03/10 5:47 p.m. | 15 views

CVE-2022-25218

The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local area network to achieve a significant degree of control over the "plaintext" to which an arbitrary blob of ciphertext will be decrypted by OpenSSL's...

CVSS: 9.3 | EPSS: 0.01564
Exploits: 1 | References: 1
Prion
added 2022/03/10 5:47 p.m. | 17 views

Design/Logic Flaw

A null byte interaction error has been discovered in the code that the telnetd_startup daemon uses to construct a pair of ephemeral passwords that allow a user to spawn a telnet service on the router, and to ensure that the telnet service persists upon reboot. By means of a crafted exchange of UDP...

CVSS: 6.9 | AI score: 7.9 | EPSS: 0.01564
Exploits: 2 | References: 1 | Affected Software: 5
CVE
added 2022/03/07 9:50 p.m. | 119 views

CVE-2022-25218

The CVE-2022-25218 entry concerns PHICOMM router devices (e.g., K2, K3, K3C) where telnetd_startup uses RSA without OAEP or padding. An unauthenticated attacker on the LAN can craft UDP packets to influence the OpenSSL RSA_public_decrypt() processing, manipulating the telnetd startup state machin...

CVSS: 9.3 | AI score: 8 | EPSS: 0.01564
Exploits: 1 | References: 1 | Affected Software: 1