Sepcos Control And Protection Relay Firmware
CVE-2022-2103
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
1DescriptionNVD
An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to remotely executable directories.
AnalysisAI
An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to remotely executable directories. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-284. An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to remotely executable directories. Affected products include: Secheron Sepcos Control And Protection Relay Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
The www-data (Apache web server) account is configured to run sudo with no password for many commands (including /bin/sh
Weak default root user credentials allow remote attackers to easily obtain OS superuser privileges over the open TCP por
Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, inclu
Controls limiting uploads to certain file extensions may be bypassed. Rated high severity (CVSS 7.5), this vulnerability
Client-side JavaScript controls may be bypassed by directly running a JS function to reboot the PLC (e.g., from the brow
The default password for the web application’s root user (the vendor’s private account) was weak and the MD5 hash was us
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today