CVE-2022-40630 The Tacitine Firewall web-based management interface has a session management vulnerability that can be exploited.

Additionally, an attacker could send a specially crafted HTTP request to the targeted device on a specific port and perform a Denial of Service attack on the targeted device. EN6200-PRIME QUAD-35 and EN6200-PRIME QUAD-100 are affected.

The Tacitine Firewall web-based management interface is reachable by an unauthenticated attacker at https://<device_ip>/ if the device is configured with default credentials or with an attacker-controlled value. A successful attack could allow an unauthenticated remote attacker to gain session access to the targeted device and perform either a session fixation attack or a DoS attack on it.

Workarounds

There is no known workaround at this time. Patches have been issued to fix this vulnerability. - EN6200

Tacitine Firewall interface

The Tacitine Firewall is a network firewall with a web management interface that manages all aspects of the device. The interface enables users to view and change device settings, monitor network traffic, configure the firewall ruleset and more. The firmware of many popular networking devices like WAN routers, WiFi access points, and VoIP gateways has been found to contain an information disclosure vulnerability that allows unauthenticated attackers to gain session access to the targeted device. This could lead to a successful session fixation attack or DoS attack on the targeted device.

VENDOR RESPONSE

The vendor has been notified and is expected to release a fix soon. The vendor has not yet released a patch for this vulnerability.

Timeline

Published on: 09/23/2022 19:15:00 UTC
Last modified on: 09/28/2022 14:24:00 UTC
