Authentication bypass using an alternate path or channel in Hardware solutions

#VU67888 Authentication bypass using an alternate path or channel in Hardware solutions

Published: 2022-10-04

Vulnerability identifier: #VU67888

Vulnerability risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-40966

CWE-ID: CWE-288

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
WCR-300
Hardware solutions / Routers & switches, VoIP, GSM, etc
WHR-HP-G300N
Hardware solutions / Routers & switches, VoIP, GSM, etc
WHR-HP-GN
Hardware solutions / Routers & switches, VoIP, GSM, etc
WPL-05G300
Hardware solutions / Routers & switches, VoIP, GSM, etc
WRM-D2133HP
Hardware solutions / Routers & switches, VoIP, GSM, etc
WRM-D2133HS
Hardware solutions / Routers & switches, VoIP, GSM, etc
WTR-M2133HP
Hardware solutions / Routers & switches, VoIP, GSM, etc
WTR-M2133HS
Hardware solutions / Routers & switches, VoIP, GSM, etc
WXR-1900DHP
Hardware solutions / Routers & switches, VoIP, GSM, etc
WXR-1900DHP2
Hardware solutions / Routers & switches, VoIP, GSM, etc
WXR-1900DHP3
Hardware solutions / Routers & switches, VoIP, GSM, etc
WXR-5950AX12
Hardware solutions / Routers & switches, VoIP, GSM, etc
WXR-6000AX12B
Hardware solutions / Routers & switches, VoIP, GSM, etc
WXR-6000AX12S
Hardware solutions / Routers & switches, VoIP, GSM, etc
WZR-300HP
Hardware solutions / Routers & switches, VoIP, GSM, etc
WZR-450HP
Hardware solutions / Routers & switches, VoIP, GSM, etc
WZR-600DHP
Hardware solutions / Routers & switches, VoIP, GSM, etc
WZR-HP-AG300H
Hardware solutions / Routers & switches, VoIP, GSM, etc
WZR-HP-G302H
Hardware solutions / Routers & switches, VoIP, GSM, etc
WZR-900DHP
Hardware solutions / Routers & switches, VoIP, GSM, etc
WZR-1750DHP2
Hardware solutions / Routers & switches, VoIP, GSM, etc
WEM-1266
Hardware solutions / Routers & switches, VoIP, GSM, etc
WEM-1266WP
Hardware solutions / Routers & switches, VoIP, GSM, etc
WLAE-AG300N
Hardware solutions / Routers & switches, VoIP, GSM, etc
FS-G300N
Hardware solutions / Routers & switches, VoIP, GSM, etc
FS-HP-G300N
Hardware solutions / Routers & switches, VoIP, GSM, etc
FS-R600DHP
Hardware solutions / Routers & switches, VoIP, GSM, etc
FS-600DHP
Hardware solutions / Routers & switches, VoIP, GSM, etc
BHR-4GRV
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor:

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests. A remote attacker on the local network can bypass authentication for the target device.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

External links
http://jvn.jp/en/vu/JVNVU92805279/index.html
http://www.buffalo.jp/news/detail/20221003-01.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Buffalo network devices