CVE-2022-3203

On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to the device via LAN or WiFi with hardcoded credentials and get an administrative shell. These credentials are reset to defaults with every reboot.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://mads.uniud.it/2022/09/lord-of-the-orings/	Exploit Mitigation Third Party Advisory
https://mads.uniud.it/2022/09/lord-of-the-orings/	Exploit Mitigation Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:oringnet:iap-420\+_firmware:2.0m:*:*:*:*:*:*:*

cpe:2.3:h:oringnet:iap-420\+:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:oringnet:iap-420_firmware:2.0m:*:*:*:*:*:*:*

cpe:2.3:h:oringnet:iap-420:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:19

Type	Values Removed	Values Added
References	~~() https://mads.uniud.it/2022/09/lord-of-the-orings/ - Exploit, Mitigation, Third Party Advisory~~	() https://mads.uniud.it/2022/09/lord-of-the-orings/ - Exploit, Mitigation, Third Party Advisory

Information

Published : 2022-10-21 13:15

Updated : 2024-11-21 07:19

NVD link : CVE-2022-3203

Mitre link : CVE-2022-3203

CVE.ORG link : CVE-2022-3203

JSON object : View

Products Affected

oringnet

iap-420\+
iap-420_firmware
iap-420\+_firmware
iap-420

CWE

CWE-912

Hidden Functionality

{"id": "CVE-2022-3203", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "info@cert.vde.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-10-21T13:15:09.593", "references": [{"url": "https://mads.uniud.it/2022/09/lord-of-the-orings/", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "source": "info@cert.vde.com"}, {"url": "https://mads.uniud.it/2022/09/lord-of-the-orings/", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "info@cert.vde.com", "description": [{"lang": "en", "value": "CWE-912"}]}], "descriptions": [{"lang": "en", "value": "On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to the device via LAN or WiFi with hardcoded credentials and get an administrative shell. These credentials are reset to defaults with every reboot."}, {"lang": "es", "value": "En ORing net IAP-420(+) con FW versi\u00f3n 2.0m, un servidor telnet est\u00e1 habilitado por defecto y no puede ser deshabilitado permanentemente. Puede conectarse al dispositivo con credenciales embebidas y conseguir un shell administrativo. Estas credenciales son restablecidas a valores predeterminados con cada reinicio"}], "lastModified": "2024-11-21T07:19:02.473", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:oringnet:iap-420\\+_firmware:2.0m:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF635AF4-76E5-4BED-BBD6-8E359D90A360"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:oringnet:iap-420\\+:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0D40FEDC-0DFC-4790-A906-05ACEC686B9A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:oringnet:iap-420_firmware:2.0m:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D2DDA93-3EF0-487D-B031-242021E19623"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:oringnet:iap-420:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "11AA2B35-558A-4094-96FD-5A96F5B3B845"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "info@cert.vde.com"}