Published: 17/07/2022 Updated: 25/07/2022

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

Subscribe to Gigaswitch 641 Desk V5 Sfp-vi Firmware

libnx_apl.so on Nexans FTTO GigaSwitch prior to 6.02N and 7.x prior to 7.02 implements a Backdoor Account for SSH logins on port 50200 or 50201.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nexans gigaswitch_641_desk_v5_sfp-vi_firmware
nexans gigaswitch_642_desk_v5_sfp-2vi_firmware
nexans gigaswitch_v5_2tp\\(pd-f\\+\\)_sfp-vi_54vdc_firmware
nexans gigaswitch_v5_2tp\\(pse\\+\\)_sfp-vi_54vdc_firmware
nexans gigaswitch_v5_2tp_sfp-vi_54vdc_firmware
nexans gigaswitch_v5_sfp-2vi_230vac_firmware
nexans gigaswitch_v5_tp\\(pse\\+\\)_sfp-2vi_54vdc_firmware
nexans gigaswitch_v5_tp\\(pse\\+\\)_sfp-2vi_54vdc_ind_firmware
nexans gigaswitch_v5_tp\\(pse\\+\\)_sfp-2vi_54vdc_med_firmware
nexans gigaswitch_v5_tp_sfp-2vi_54vdc_firmware
nexans gigaswitch_v5_tp_sfp-2vi_54vdc_ind_firmware
nexans gigaswitch_v5_tp_sfp-2vi_54vdc_med_firmware
nexans gigaswitch_v5_tp_sfp-vi_230vac_firmware

Nexans FTTO GigaSwitch industrial/office switches HW version 5 suffer from having a hardcoded backdoor user and multiple outdated vulnerable software components ...

CWE-798 https://sec-consult.com/vulnerability-lab/advisory/hardcoded-backdoor-user-outdated-software-components-nexans-ftto-gigaswitch/https://www.nexans.de/de/products/Data-Network-Solutions/Industrial-and-office-switches.html https://nvd.nist.gov https://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-32985

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect