Authenticated Path Traversal Vulnerability in Nokia Fastmile Router
CVE-2022-36221

6.5MEDIUM

Key Information:

Vendor: Nokia
Status: Fastmile Firmware
Vendor: CVE Published:; 21 December 2022

Summary

An authenticated path traversal vulnerability has been identified in the Nokia Fastmile 3tg00118abad52 router. This security flaw enables attackers with valid credentials to exploit the system, allowing unauthorized access to sensitive named pipe files. Such access could lead to extensive security breaches, compromising the confidentiality and integrity of the system.

References

https://eddiez.me/hacking-the-nokia-fastmile-pt2/#pipe-pa...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 21, 2022
Vulnerability Reserved
Jul 18, 2022