Affected devices do not properly enforce access restrictions on the SSH server. This could allow low privileged users to gain elevated privileges.
The password reset function of the web interface does not require the correct password. This can be exploited by malicious users to reset their own password if they have access to the account.
The lock out feature of user accounts does not work as expected. This can be exploited by malicious users to bypass access restrictions on the system.
The web interface does not properly secure its own sessions. This could allow malicious attackers to access the system remotely if they have access to the web server.
The web interface does not enforce session stickiness. This could allow malicious attackers to access the system remotely if they have access to the web server.
Mitigation Strategies
Disabling password reset function.
Configuring web interface with SSL encryption.
Configuring the web server to enforce session stickiness.
Vulnerable Parts of the System
The web interface does not enforce access restrictions on the SSH server. This can allow low privileged users to gain elevated privileges.
The password reset function of the web interface does not require the correct password. This can be exploited by malicious users to reset their own password if they have access to the account.
The lock out feature of user accounts does not work as expected. This can be exploited by malicious users to bypass access restrictions on the system.
The web interface does not properly secure its own sessions. This could allow malicious attackers to access the system remotely if they have access to the web server.
The web interface does not enforce session stickiness. This could allow malicious attackers to access the system remotely if they have access to the web server.
Vulnerable versions
The following versions have been tested and confirmed to be vulnerable:
- CVE-2022-31765
- Versions prior to 7.0.0
Timeline
Published on: 10/11/2022 11:15:00 UTC
Last modified on: 10/13/2022 17:20:00 UTC