CVE-2022-28377

{"id": "CVE-2022-28377", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-07-14T13:15:08.620", "references": [{"url": "https://github.com/JousterL/SecWriteups/blob/main/Verizon%20LVSKIHP%205G%20Modem/readme.md", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.verizon.com/info/reportsecurityvulnerability/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-521"}]}], "descriptions": [{"lang": "en", "value": "On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the CRTC and ODU RPC endpoints rely on a static account username/password for access control. This password can be generated via a binary included in the firmware, after ascertaining the MAC address of the IDU's base Ethernet interface, and adding the string DEVICE_MANUFACTURER='Wistron_NeWeb_Corp.' to /etc/device_info to replicate the host environment. This occurs in /etc/init.d/wnc_factoryssidkeypwd (IDU)."}, {"lang": "es", "value": "En los dispositivos Verizon 5G Home LVSKIHP InDoorUnit (IDU) versi\u00f3n 3.4.66.162 y OutDoorUnit (ODU) versi\u00f3n 3.33.101.0, los endpoints RPC de CRTC y ODU dependen de un nombre de usuario/contrase\u00f1a de cuenta est\u00e1tica para el control de acceso. Esta contrase\u00f1a puede generarse por medio de un binario incluido en el firmware, despu\u00e9s de averiguar la direcci\u00f3n MAC de la interfaz Ethernet base de la IDU, y a\u00f1adir la cadena DEVICE_MANUFACTURER=\"Wistron_NeWeb_Corp.\" a /etc/device_info para replicar el entorno del host. Esto ocurre en /etc/init.d/wnc_factoryssidkeypwd (IDU)"}], "lastModified": "2022-07-21T01:44:47.333", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:verizon:lvskihp_indoorunit_firmware:3.4.66.162:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9D9319E-5FB5-442A-89B0-3559210B7250"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:verizon:lvskihp_indoorunit:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A0557F4-75F3-4DF4-8F95-CC9F9239D243"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:verizon:lvskihp_outdoorunit_firmware:3.33.101.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "569F1902-F20B-4E2A-9BED-FF25E15535E9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:verizon:lvskihp_outdoorunit:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C2E2257C-8E43-4910-93FF-70CC51430D96"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}