cbcvebase.

Verizon Lvskihp Outdoorunit Firmware vulnerabilities

6 known vulnerabilities affecting verizon/lvskihp_outdoorunit_firmware.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH5

Vulnerabilities

Page 1 of 1
CVE-2022-28375P2CRITICALCVSS 9.8v3.33.101.02022-07-14
CVE-2022-28375 [CRITICAL] CWE-78 CVE-2022-28375: Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 does not property sanitize user-controlled para Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 does not property sanitize user-controlled parameters within the crtcswitchsimprofile function of the crtcrpc JSON listener. A remote attacker on the local network can inject shell metacharacters into /usr/lib/lua/5.1/luci/controller/rpc.lua to achieve remote code execution as root,
nvd
CVE-2022-28374P3HIGHCVSS 8.8v3.33.101.02022-07-14
CVE-2022-28374 [HIGH] CWE-78 CVE-2022-28374: Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 does not property sanitize user-controlled para Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 does not property sanitize user-controlled parameters within the DMACC URLs on the Settings page of the Engineering portal. An authenticated remote attacker on the local network can inject shell metacharacters into /usr/lib/lua/5.1/luci/controller/admin/settings.lua to achieve remote code execution a
nvd
CVE-2022-28372P3HIGHCVSS 7.5v3.33.101.02022-07-14
CVE-2022-28372 [HIGH] CWE-434 CVE-2022-28372: On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the CRTC and ODU RPC endpoints provide a means of provisioning a firmware update for the device via crtc_fw_upgrade or crtcfwimage. The URL provided is not validated, and thus allows for arbitrary file upload to the device. This occurs in /lib/lua/luci/crt
nvd
CVE-2022-28371P3HIGHCVSS 7.5v3.33.101.02022-07-14
CVE-2022-28371 [HIGH] CWE-798 CVE-2022-28371: On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the CRTC and ODU RPC endpoints rely on a static certificate for access control. This certificate is embedded in the firmware, and is identical across the fleet of devices. An attacker need only download this firmware and extract the private components of t
nvd
CVE-2022-28377P3HIGHCVSS 7.5v3.33.101.02022-07-14
CVE-2022-28377 [HIGH] CWE-521 CVE-2022-28377: On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the CRTC and ODU RPC endpoints rely on a static account username/password for access control. This password can be generated via a binary included in the firmware, after ascertaining the MAC address of the IDU's base Ethernet interface, and adding the stri
nvd
CVE-2022-28370P3HIGHCVSS 7.5v3.33.101.02022-07-14
CVE-2022-28370 [HIGH] CWE-345 CVE-2022-28370: On Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 devices, the RPC endpoint crtc_fw_upgrade pr On Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 devices, the RPC endpoint crtc_fw_upgrade provides a means of provisioning a firmware update for the device. /lib/functions/wnc_jsonsh/wnc_crtc_fw.sh has no cryptographic validation of the image, thus allowing an attacker to modify the installed firmware.
nvd
Verizon Lvskihp Outdoorunit Firmware vulnerabilities | cvebase