PT-2023-14703 · Shenzhen Zhiboton Electronics · Zbt We1626 Router

Publicado

2023-03-03

Atualizado

2025-03-07

CVE-2022-45552

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Shenzhen Zhiboton Electronics ZBT WE1626 Router version 21.06.18

Description The issue allows attackers to obtain sensitive information via the SPI bus interface connected to the pinout of the NAND flash memory. This is due to an Insecure Permissions vulnerability.

Recommendations For Shenzhen Zhiboton Electronics ZBT WE1626 Router version 21.06.18, consider restricting access to the SPI bus interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Incorrect Default Permissions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-276

Identificadores relacionados

CVE-2022-45552

Produtos afetados

Zbt We1626 Router

PT-2023-14703 · Shenzhen Zhiboton Electronics · Zbt We1626 Router

CVE-2022-45552

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8