Filtered by vendor Contec Subscriptions
Filtered by product Fxa2000 Firmware Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-36159 1 Contec 8 Fxa2000, Fxa2000 Firmware, Fxa3000 and 5 more 2024-11-21 8.8 High
Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for root stored in the component /etc/shadow. As the password strength is weak, it can be cracked in few minutes. Through this credential, a malicious actor can access the Wireless LAN Manager interface and open the telnet port then sniff the traffic or inject any malware.
CVE-2022-36158 1 Contec 8 Fxa2000, Fxa2000 Firmware, Fxa3000 and 5 more 2024-11-21 8.0 High
Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN Manager interface which allows malicious actors to execute Linux commands with root privilege via a hidden web page (/usr/www/ja/mnt_cmd.cgi).