CVE-2022-36158

Published: Sep 26, 2022

Modified: May 21, 2025

PUBLISHED

Description

Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN Manager interface which allows malicious actors to execute Linux commands with root privilege via a hidden web page (/usr/www/ja/mnt_cmd.cgi).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.contec.com/products-services/computer-networking/flexlan-fx/fx-accesspoint/fxa3200/feature/#section

x_refsource_MISC

https://gist.github.com/Nwqda/aac33d1936d2b514a3268f145345abb4

x_refsource_MISC

https://samy.link/blog/contec-flexlan-fxa2000-and-fxa3000-series-vulnerability-repo

x_refsource_MISC

https://jvn.jp/en/vu/JVNVU98305100/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-36158

Description

Affected Products

References