CVE-2022-25218
Severity CVSS v4.0:
Pending analysis
Type:
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
Publication date:
10/03/2022
Last modified:
08/08/2023
Description
The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local area network to achieve a significant degree of control over the "plaintext" to which an arbitrary blob of ciphertext will be decrypted by OpenSSL's RSA_public_decrypt() function. This weakness allows the attacker to manipulate the various iterations of the telnetd startup state machine and eventually obtain a root shell on the device, by means of an exchange of crafted UDP packets. In all versions but K2 22.5.9.163 and K3C 32.1.15.93 a successful attack also requires the exploitation of a null-byte interaction error (CVE-2022-25219).
Impact
Base Score 3.x
8.10
Severity 3.x
HIGH
Base Score 2.0
9.30
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:phicomm:k2_firmware:*:*:*:*:*:*:*:* | 22.5.9.163 (including) | |
| cpe:2.3:h:phicomm:k2:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:phicomm:k3_firmware:*:*:*:*:*:*:*:* | 21.5.37.246 (including) | |
| cpe:2.3:h:phicomm:k3:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:phicomm:k3c_firmware:*:*:*:*:*:*:*:* | 32.1.15.93 (including) | |
| cpe:2.3:h:phicomm:k3c:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:phicomm:k2g_firmware:*:*:*:*:*:*:*:* | 22.6.3.20 (including) | |
| cpe:2.3:h:phicomm:k2g:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:phicomm:k2p_firmware:*:*:*:*:*:*:*:* | 20.4.1.7 (including) | |
| cpe:2.3:h:phicomm:k2p:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page