CVE-2022-47732

In Yeastar N412 and N824 Configuration Panel 42.x and 45.x, an unauthenticated attacker can create backup file and download it, revealing admin hash, allowing, once cracked, to login inside the Configuration Panel, otherwise, replacing the hash in the archive and restoring it on the device which will change admin password granting access to the device.

CVSS v3.0 7.5 HIGH

7.5^/10

CVSS v3.0 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.yeastar.com/n-series-analog-phone-system/	Product Vendor Advisory
https://www.swascan.com/security-advisory-yeastar-n412-and-n824-configuration-panel/	Exploit Technical Description Third Party Advisory

Advertisement

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:yeastar:n824_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:yeastar:n824:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:yeastar:n412_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:yeastar:n412:-:*:*:*:*:*:*:*

Information

Published : 2023-01-20 09:15

Updated : 2023-02-06 11:14

NVD link : CVE-2022-47732

Mitre link : CVE-2022-47732

JSON object : View

CWE

CWE-916

Use of Password Hash With Insufficient Computational Effort

Advertisement

Products Affected

yeastar

n824
n412_firmware
n412
n824_firmware

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.yeastar.com/n-series-analog-phone-system/", "name": "https://www.yeastar.com/n-series-analog-phone-system/", "tags": ["Product", "Vendor Advisory"], "refsource": "MISC"}, {"url": "https://www.swascan.com/security-advisory-yeastar-n412-and-n824-configuration-panel/", "name": "https://www.swascan.com/security-advisory-yeastar-n412-and-n824-configuration-panel/", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In Yeastar N412 and N824 Configuration Panel 42.x and 45.x, an unauthenticated attacker can create backup file and download it, revealing admin hash, allowing, once cracked, to login inside the Configuration Panel, otherwise, replacing the hash in the archive and restoring it on the device which will change admin password granting access to the device."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-916"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-47732", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}}, "publishedDate": "2023-01-20T17:15Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:yeastar:n824_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:yeastar:n824:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:yeastar:n412_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:yeastar:n412:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2023-02-06T19:14Z"}