← Back

Fxa3000 Firmware

fxa3000_firmware

Vendor: Contec • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-36159
1Contec
4Fxa2000 Firmware
Fxa3000 FirmwareFxa3020 Firmware+1 more
May 21, 2025
Sep 26, 2022
N/A· v4
8.8 HIGH· v3
N/A· v2
Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for root stored in the component /etc/shadow. As the password strength is weak, it can be cracked in few minutes. Through this c...Show more
Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for root stored in the component /etc/shadow. As the password strength is weak, it can be cracked in few minutes. Through this credential, a malicious actor can access the Wireless LAN Manager interface and open the telnet port then sniff the traffic or inject any malware.Show less
CVE-2022-36158
1Contec
4Fxa2000 Firmware
Fxa3000 FirmwareFxa3020 Firmware+1 more
May 21, 2025
Sep 26, 2022
N/A· v4
8.0 HIGH· v3
N/A· v2
Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN Manager interface which allows malicious actors to execute Linux commands with root privilege via a hidden web page (/usr/www...Show more
Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN Manager interface which allows malicious actors to execute Linux commands with root privilege via a hidden web page (/usr/www/ja/mnt_cmd.cgi).Show less