Back to search
CVE-2022-25215
Published: Mar 7, 2022
Modified: Aug 3, 2024
PUBLISHED
Description
Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) client MAC addresses to (or from) a list of banned hosts. Clients with those MAC addresses are then prevented from accessing either the WAN or the router itself.
| Vendor | Product | Versions |
|---|---|---|
n/a | Phicomm Routers | affected K2G A1 >= 22.6.3.20, K2 A7 >= 22.6.506.28, K2G A1 >= 22.6.3.20 |
References
https://www.tenable.com/security/research/tra-2022-01
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now