PT-2022-21621 · Nexans · Nexans Ftto Gigaswitch
Thomas Weber · Published 2022-07-17 · Updated 2022-07-25
CVE-2022-32985
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Nexans FTTO GigaSwitch versions prior to 6.02N
Nexans FTTO GigaSwitch versions 7.x prior to 7.02
Description
The issue is related to a backdoor account implemented in libnx_apl.so for SSH logins on ports 50200 or 50201.
Recommendations
For versions prior to 6.02N, update to version 6.02N or later.
For versions 7.x prior to 7.02, update to version 7.02 or later.
As a temporary workaround, consider restricting access to ports 50200 and 50201 to minimize the risk of exploitation.
Exploit
Fix
Using Hardcoded Credentials
Weakness Enumeration
Related Identifiers
Affected Products
Nexans Ftto Gigaswitch