{"vulnerability": "CVE-2022-40602", "sightings": [{"uuid": "23d31911-4384-4e87-9ba6-34c550899512", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40602", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13692", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40602\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A flaw in the Zyxel LTE3301-M209 firmware verisons prior to V1.00(ABLG.6)C0 could allow a remote attacker to access the device using an improper pre-configured password if the remote administration feature has been enabled by an authenticated administrator.\n\ud83d\udccf Published: 2022-11-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-28T14:24:37.801Z\n\ud83d\udd17 References:\n1. https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-pre-configured-password-vulnerability-of-lte3301-m209", "creation_timestamp": "2025-04-28T15:10:58.000000Z"}, {"uuid": "0c12e537-5ba0-46b3-a349-9235eccb992e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40602", "type": "seen", "source": "https://t.me/true_secator/3876", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c ReSolver\u00a0\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0431\u044d\u043a\u0434\u043e\u0440 \u0432 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445 ZyXEL LTE3301-M209 LTE.\n\nCVE-2022-40602 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u043f\u043e \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0438 \u0441 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u043c\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u043c\u0438 \u0432 Telnet \u0432 D-Link DWR-921. \u041e\u043d \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b ELF, \u0441\u043e\u0441\u0440\u0435\u0434\u043e\u0442\u043e\u0447\u0438\u0432 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043d\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044f\u0445 amit, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b\u0438 \u043b\u0430\u0437\u0435\u0439\u043a\u0443 \u0432 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445 D-Link.\n\n\u041f\u0440\u043e\u0448\u0438\u0432\u043a\u0430 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0441\u043b\u0438\u044f\u043d\u0438\u0435 3 \u0440\u0430\u0437\u0434\u0435\u043b\u043e\u0432, \u0440\u0430\u0437\u0434\u0435\u043b LZMA \u2014 \u044d\u0442\u043e \u044f\u0434\u0440\u043e, \u043f\u043e \u0430\u0434\u0440\u0435\u0441\u0443 0x148CD6 \u2014 root-fs, \u0430 \u043f\u043e \u0430\u0434\u0440\u0435\u0441\u0443 0x90BD36 \u2014 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 www.\n\n\u0412\u043d\u0443\u0442\u0440\u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 Squashfs \u0435\u0441\u0442\u044c \u0444\u0430\u0439\u043b, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u043f\u043e \u0430\u0434\u0440\u0435\u0441\u0443 0x10 \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0431\u0430\u0439\u0442\u044b Zlib. \u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u043d \u043d\u0435 \u043d\u0430\u0448\u0435\u043b \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 Telnet, \u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0447\u0442\u043e-\u0442\u043e \u043f\u043e\u0445\u043e\u0436\u0435\u0435 \u043d\u0430 \u0431\u044d\u043a\u0434\u043e\u0440 \u0432 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435. \n\n12 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430 \u043e\u043d \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b ZyXEL \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438. \u0427\u0435\u0440\u0435\u0437 \u0434\u0432\u0430 \u0434\u043d\u044f ZyXEL \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0438 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430, \u0447\u0442\u043e \u0431\u0430\u0433\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043c\u043e\u0434\u0435\u043b\u044c LTE3301-M209.\n\n19 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u043e\u0448\u0438\u0431\u043a\u0435 \u0431\u044b\u043b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d CVE, \u0430 22 \u043d\u043e\u044f\u0431\u0440\u044f \u0431\u044b\u043b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 ZyXEL \u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438.\u00a0\n\nZyxel PSIRT \u0440\u0435\u0448\u0438\u043b\u0430 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u043c\u0430\u0441\u0441\u043e\u0432\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0412\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430\u043c \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0438\u0445 \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438.", "creation_timestamp": "2022-12-26T13:30:07.000000Z"}, {"uuid": "17c9e721-a681-4916-b961-04568587a00d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40602", "type": "seen", "source": "https://t.me/cibsecurity/53312", "content": "\u203c CVE-2022-40602 \u203c\n\nA flaw in the Zyxel LTE3301-M209 firmware verisons prior to V1.00(ABLG.6)C0 could allow a remote attacker to access the device using an improper pre-configured password if the remote administration feature has been enabled by an authenticated administrator.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-22T07:12:59.000000Z"}, {"uuid": "d1a2df2a-a5c8-4633-9681-367ddeb4723e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40602", "type": "seen", "source": "https://t.me/anti_malware/14007", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u0432 Twitter \u043a\u0430\u043a ReSolver, \u0432\u044b\u044f\u0432\u0438\u043b \u0436\u0451\u0441\u0442\u043a\u043e \u0437\u0430\u0434\u0430\u043d\u043d\u044b\u0435 \u0432 \u043a\u043e\u0434\u0435 \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 \u0434\u043e\u043c\u0430\u0448\u043d\u0438\u0445 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445 ZyXEL LTE3301-M209 LTE. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b\u0438 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2022-40602.", "creation_timestamp": "2022-12-26T16:50:21.000000Z"}, {"uuid": "158fcf79-761c-4c7a-894d-c53587f9906f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40602", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7426", "content": "#exploit\n1. CVE-2022-40309, CVE-2022-40308:\nApache Archiva <2.2.9 - Arbitrary Directory Delete / Arbitrary File Read\nhttps://xz.aliyun.com/t/11979\n\n2. CVE-2022-40602:\nZyXEL LTE3301-M209 - \"Backdoor\" credentials\nhttps://resolverblog.blogspot.com/2022/12/cve-2022-40602-zyxel-lte3301-m209.html\n]-> D-Link DWR-921/925/118 Hardcoded backdoor implemented by vendor:\nhttps://resolverblog.blogspot.com/2022/12/d-link-dwr-921-dwr-925-dwr-118.html\n\n3. DirtyCred Remastered: how to turn an UAF into Privilege Escalation\nhttps://exploiter.dev/blog/2022/CVE-2022-2602.html", "creation_timestamp": "2024-10-10T19:09:53.000000Z"}]}