CVE-2022-45439

A pair of spare WiFi credentials is stored in the configuration file of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0 in cleartext. An unauthenticated attacker could use the credentials to access the WLAN service if the configuration file has been retrieved from the device by leveraging another known vulnerability.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-wifi-credentials-and-improper-symbolic-links-of-ftp-for-ax7501-b0-cpe	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*

History

24 Jan 2023, 20:16

Type	Values Removed	Values Added
First Time		Zyxel ax7501-b0 Firmware Zyxel ax7501-b0 Zyxel
CPE		cpe:2.3:h:zyxel:ax7501-b0:-:::::::* cpe:2.3:o:zyxel:ax7501-b0_firmware::::::::
CWE		CWE-312
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5
References	~~(CONFIRM) https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-wifi-credentials-and-improper-symbolic-links-of-ftp-for-ax7501-b0-cpe -~~	(CONFIRM) https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-wifi-credentials-and-improper-symbolic-links-of-ftp-for-ax7501-b0-cpe - Vendor Advisory

17 Jan 2023, 02:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-01-17 02:15

Updated : 2023-12-10 14:48

NVD link : CVE-2022-45439

Mitre link : CVE-2022-45439

CVE.ORG link : CVE-2022-45439

JSON object : View

Products Affected

zyxel

ax7501-b0
ax7501-b0_firmware

CWE

CWE-312

Cleartext Storage of Sensitive Information

{"id": "CVE-2022-45439", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security@zyxel.com.tw", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.6}]}, "published": "2023-01-17T02:15:09.427", "references": [{"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-wifi-credentials-and-improper-symbolic-links-of-ftp-for-ax7501-b0-cpe", "tags": ["Vendor Advisory"], "source": "security@zyxel.com.tw"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-312"}]}, {"type": "Secondary", "source": "security@zyxel.com.tw", "description": [{"lang": "en", "value": "CWE-312"}]}], "descriptions": [{"lang": "en", "value": "A pair of spare WiFi credentials is stored in the configuration file of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0 in cleartext. An unauthenticated attacker could use the credentials to access the WLAN service if the configuration file has been retrieved from the device by leveraging another known vulnerability."}], "lastModified": "2023-01-24T20:16:45.073", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2052D047-7D2B-419F-BB98-110144616D7F", "versionEndExcluding": "5.17\\(abpc.3\\)c0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "78473083-F702-4B81-AAA0-B66A0984FF6B"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security@zyxel.com.tw"}