Back to search
CVE-2022-38625
Published: Aug 29, 2022
Modified: Aug 3, 2024
PUBLISHED
Description
Patlite NH-FB v1.46 and below was discovered to contain insufficient firmware validation during the upgrade firmware file upload process. This vulnerability allows authenticated attackers to create and upload their own custom-built firmware and inject malicious code. NOTE: the vendor's position is that this is a design choice, not a vulnerability
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://www.patlite.com/network-products/lineup/nh-fb.html
x_refsource_MISC
https://gist.github.com/Nwqda/dfad4e11b545dd40aebca6031d202f66
x_refsource_MISC
https://www.youtube.com/watch?v=4r9FH6U2VR8
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now