CVE-2022-32985

Published: 17/07/2022 Updated: 25/07/2022

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

libnx_apl.so on Nexans FTTO GigaSwitch prior to 6.02N and 7.x prior to 7.02 implements a Backdoor Account for SSH logins on port 50200 or 50201.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nexans gigaswitch 641 desk v5 sfp-vi firmware
nexans gigaswitch 642 desk v5 sfp-2vi firmware
nexans gigaswitch v5 2tp(pd-f+) sfp-vi 54vdc firmware
nexans gigaswitch v5 2tp(pse+) sfp-vi 54vdc firmware
nexans gigaswitch v5 2tp sfp-vi 54vdc firmware
nexans gigaswitch v5 sfp-2vi 230vac firmware
nexans gigaswitch v5 tp(pse+) sfp-2vi 54vdc firmware
nexans gigaswitch v5 tp(pse+) sfp-2vi 54vdc ind firmware
nexans gigaswitch v5 tp(pse+) sfp-2vi 54vdc med firmware
nexans gigaswitch v5 tp sfp-2vi 54vdc firmware
nexans gigaswitch v5 tp sfp-2vi 54vdc ind firmware
nexans gigaswitch v5 tp sfp-2vi 54vdc med firmware
nexans gigaswitch v5 tp sfp-vi 230vac firmware

Nexans FTTO GigaSwitch industrial/office switches HW version 5 suffer from having a hardcoded backdoor user and multiple outdated vulnerable software components ...

CWE-798 https://sec-consult.com/vulnerability-lab/advisory/hardcoded-backdoor-user-outdated-software-components-nexans-ftto-gigaswitch/https://www.nexans.de/de/products/Data-Network-Solutions/Industrial-and-office-switches.html https://nvd.nist.gov https://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-32985

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect