K2 Firmware Security Vulnerabilities and Issues — K2 Firmware CVE List

Lucene search

PhicommK2 Firmware

11 matches found

CVE•added 2022/03/10 5:47 p.m.•107 views

CVE-2022-25218

The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local area network to achieve a significant degree of control over the "plaintext" to which an arbitrary blob of ciphertext will be decrypted by OpenSSL's RSA_public...

9.3CVSS8AI score0.01158EPSS

CVE•added 2022/03/10 5:47 p.m.•95 views

CVE-2022-25219

A null byte interaction error has been discovered in the code that the telnetd_startup daemon uses to construct a pair of ephemeral passwords that allow a user to spawn a telnet service on the router, and to ensure that the telnet service persists upon reboot. By means of a crafted exchange of UDP ...

8.4CVSS7.9AI score0.01158EPSS

CVE•added 2022/03/10 5:47 p.m.•91 views

CVE-2022-25217

Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on the local area network to obtain a root shell on the device over telnet. The builds of telnetd_startup included in the version 22.5.9.163 of the K2 firmware, and version 32.1.15.93 of the K3C firmware (p...

7.8CVSS7.6AI score0.00037EPSS

CVE•added 2022/03/10 5:47 p.m.•79 views

CVE-2022-25213

Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. The same port exposes an unauthenticated Das U-Boot BIOS shell.

7.2CVSS6.5AI score0.00041EPSS

CVE•added 2022/03/10 5:47 p.m.•78 views

CVE-2022-25215

Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) client MAC addresses to (or from) a list of banned hosts. Clients with those MAC addresses are then prevented from accessing either the WAN or the router itself.

5.3CVSS5.4AI score0.00386EPSS

CVE•added 2022/03/10 5:47 p.m.•72 views

CVE-2022-25214

Improper access control on the LocalClientList.asp interface allows an unauthenticated remote attacker to obtain sensitive information concerning devices on the local area network, including IP and MAC addresses. Improper access control on the wirelesssetup.asp interface allows an unauthenticated r...

7.4CVSS7.5AI score0.01248EPSS

CVE•added 2023/08/25 4:15 p.m.•60 views

CVE-2023-40796

Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via the function luci.sys.call.

7.8CVSS7.9AI score0.0011EPSS

CVE•added 2023/01/27 3:15 p.m.•35 views

CVE-2022-48070

Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function.

7.8CVSS7.8AI score0.00224EPSS

CVE•added 2023/01/27 3:15 p.m.•33 views

CVE-2022-48071

Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext.

7.5CVSS7.5AI score0.00043EPSS

CVE•added 2023/01/27 3:15 p.m.•31 views

CVE-2022-48073

Phicomm K2G v22.6.3.20 was discovered to store the root and admin passwords in plaintext.

7.5CVSS7.5AI score0.00043EPSS

CVE•added 2023/01/27 3:15 p.m.•30 views

CVE-2022-48072

Phicomm K2G v22.6.3.20 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function.

7.8CVSS7.8AI score0.00224EPSS