CVE-2022-24693

{"id": "CVE-2022-24693", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-03-30T02:15:08.960", "references": [{"url": "https://github.com/lukejenkins/CVE-2022-24693", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://img.baicells.com/Upload/20210909/FILE/98d2752f-6e83-49b1-9dab-d291e9023db6.pdf", "tags": ["Release Notes", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://na.baicells.com/Service/Firmware", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded credentials that are easily discovered, and can be used by remote attackers to authenticate via ssh. (The credentials are stored in the firmware, encrypted by the crypt function.)"}, {"lang": "es", "value": "Los dispositivos Baicells Nova436Q y Neutrino 430 con versiones de firmware hasta QRTB 2.7.8, presentan credenciales embebidas que son f\u00e1cilmente detectadas, y pueden ser usadas por atacantes remotos para autenticarse por medio de ssh. (Las credenciales son almacenadas en el firmware, encriptadas por la funci\u00f3n crypt)"}], "lastModified": "2022-04-07T16:08:03.983", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:baicells:nova436q_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A946299-1B2C-47DC-A845-7EA1357971C0", "versionEndIncluding": "qrtb_2.7.8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:baicells:nova436q:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CFF872E4-C1A1-4C60-B0CC-3958A99A7E6C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:baicells:neutrino_430_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0A759BD-7BA5-442B-85DD-9CFB2FD90244", "versionEndIncluding": "qrtb_2.7.8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:baicells:neutrino_430:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1F525B37-6593-4534-932D-89C7D28B3C10"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}