nexans gigaswitch_641_desk_v5_sfp-vi_firmware 使用硬编码的凭证

admin

0
文章

0
评论

2023-11-30 06:48:58 Ali_nvd 来源：ZONE.CI 全球网 0 阅读模式

nexans gigaswitch_641_desk_v5_sfp-vi_firmware 使用硬编码的凭证

CVE编号

CVE-2022-32985

利用情况

暂无

补丁情况

N/A

披露时间

2022-07-18

漏洞描述

libnx_apl.so on Nexans FTTO GigaSwitch before 6.02N and 7.x before 7.02 implements a Backdoor Account for SSH logins on port 50200 or 50201.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
https://sec-consult.com/vulnerability-lab/advisory/hardcoded-backdoor-user-ou...
https://www.nexans.de/de/products/Data-Network-Solutions/Industrial-and-offic...

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	系统	nexans	gigaswitch_641_desk_v5_sfp-vi_firmware	*		Up to (excluding) 6.02n
	运行在以下环境
	系统	nexans	gigaswitch_641_desk_v5_sfp-vi_firmware	*	From (including) 7.0	Up to (excluding) 7.02
	运行在以下环境
	系统	nexans	gigaswitch_642_desk_v5_sfp-2vi_firmware	*		Up to (excluding) 6.02n
	运行在以下环境
	系统	nexans	gigaswitch_642_desk_v5_sfp-2vi_firmware	*	From (including) 7.0	Up to (excluding) 7.02
	运行在以下环境
	系统	nexans	gigaswitch_v5_2tp(pd-f+)_sfp-vi_54vdc_firmware	*		Up to (excluding) 6.02n
	运行在以下环境
	系统	nexans	gigaswitch_v5_2tp(pd-f+)_sfp-vi_54vdc_firmware	*	From (including) 7.0	Up to (excluding) 7.02
	运行在以下环境
	系统	nexans	gigaswitch_v5_2tp(pse+)_sfp-vi_54vdc_firmware	*		Up to (excluding) 6.02n
	运行在以下环境
	系统	nexans	gigaswitch_v5_2tp(pse+)_sfp-vi_54vdc_firmware	*	From (including) 7.0	Up to (excluding) 7.02
	运行在以下环境
	系统	nexans	gigaswitch_v5_2tp_sfp-vi_54vdc_firmware	*		Up to (excluding) 6.02n
	运行在以下环境
	系统	nexans	gigaswitch_v5_2tp_sfp-vi_54vdc_firmware	*	From (including) 7.0	Up to (excluding) 7.02
	运行在以下环境
	系统	nexans	gigaswitch_v5_sfp-2vi_230vac_firmware	*		Up to (excluding) 6.02n
	运行在以下环境
	系统	nexans	gigaswitch_v5_sfp-2vi_230vac_firmware	*	From (including) 7.0	Up to (excluding) 7.02
	运行在以下环境
	系统	nexans	gigaswitch_v5_tp(pse+)_sfp-2vi_54vdc_firmware	*		Up to (excluding) 6.02n
	运行在以下环境
	系统	nexans	gigaswitch_v5_tp(pse+)_sfp-2vi_54vdc_firmware	*	From (including) 7.0	Up to (excluding) 7.02
	运行在以下环境
	系统	nexans	gigaswitch_v5_tp(pse+)_sfp-2vi_54vdc_ind_firmware	*		Up to (excluding) 6.02n
	运行在以下环境
	系统	nexans	gigaswitch_v5_tp(pse+)_sfp-2vi_54vdc_ind_firmware	*	From (including) 7.0	Up to (excluding) 7.02
	运行在以下环境
	系统	nexans	gigaswitch_v5_tp(pse+)_sfp-2vi_54vdc_med_firmware	*		Up to (excluding) 6.02n
	运行在以下环境
	系统	nexans	gigaswitch_v5_tp(pse+)_sfp-2vi_54vdc_med_firmware	*	From (including) 7.0	Up to (excluding) 7.02
	运行在以下环境
	系统	nexans	gigaswitch_v5_tp_sfp-2vi_54vdc_firmware	*		Up to (excluding) 6.02n
	运行在以下环境
	系统	nexans	gigaswitch_v5_tp_sfp-2vi_54vdc_firmware	*	From (including) 7.0	Up to (excluding) 7.02
	运行在以下环境
	系统	nexans	gigaswitch_v5_tp_sfp-2vi_54vdc_ind_firmware	*		Up to (excluding) 6.02n
	运行在以下环境
	系统	nexans	gigaswitch_v5_tp_sfp-2vi_54vdc_ind_firmware	*	From (including) 7.0	Up to (excluding) 7.02
	运行在以下环境
	系统	nexans	gigaswitch_v5_tp_sfp-2vi_54vdc_med_firmware	*		Up to (excluding) 6.02n
	运行在以下环境
	系统	nexans	gigaswitch_v5_tp_sfp-2vi_54vdc_med_firmware	*	From (including) 7.0	Up to (excluding) 7.02
	运行在以下环境
	系统	nexans	gigaswitch_v5_tp_sfp-vi_230vac_firmware	*		Up to (excluding) 6.02n
	运行在以下环境
	系统	nexans	gigaswitch_v5_tp_sfp-vi_230vac_firmware	*	From (including) 7.0	Up to (excluding) 7.02
	运行在以下环境
	硬件	nexans	gigaswitch_641_desk_v5_sfp-vi	-	-
	运行在以下环境
	硬件	nexans	gigaswitch_642_desk_v5_sfp-2vi	-	-
	运行在以下环境
	硬件	nexans	gigaswitch_v5_2tp(pd-f+)_sfp-vi_54vdc	-	-
	运行在以下环境
	硬件	nexans	gigaswitch_v5_2tp(pse+)_sfp-vi_54vdc	-	-
	运行在以下环境
	硬件	nexans	gigaswitch_v5_2tp_sfp-vi_54vdc	-	-
	运行在以下环境
硬件	nexans	gigaswitch_v5_sfp-2vi_230vac	-	-
运行在以下环境
硬件	nexans	gigaswitch_v5_tp(pse+)_sfp-2vi_54vdc	-	-
运行在以下环境
硬件	nexans	gigaswitch_v5_tp(pse+)_sfp-2vi_54vdc_ind	-	-
运行在以下环境
硬件	nexans	gigaswitch_v5_tp(pse+)_sfp-2vi_54vdc_med	-	-
运行在以下环境
硬件	nexans	gigaswitch_v5_tp_sfp-2vi_54vdc	-	-
运行在以下环境
硬件	nexans	gigaswitch_v5_tp_sfp-2vi_54vdc_ind	-	-
运行在以下环境
硬件	nexans	gigaswitch_v5_tp_sfp-2vi_54vdc_med	-	-
运行在以下环境
硬件	nexans	gigaswitch_v5_tp_sfp-vi_230vac	-	-