CVE-2022-45600
Published: 22 February 2023
Summary
CVE-2022-45600 is a high-severity Command Injection (CWE-77) vulnerability in Aztech Wmb250Ac Firmware. Its CVSS base score is 8.8 (High).
Operationally, ranked in the top 2.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
Aztech WMB250AC Mesh Routers running Firmware Version 016 2020 contain an improper session management flaw that permits authentication bypass on the web portal. The issue is tracked as CVE-2022-45600 with a CVSS 3.1 score of 8.8 and is associated with CWE-77.
Remote attackers can exploit the weakness opportunistically whenever an administrator session is already active, allowing them to execute arbitrary commands with full administrative privileges without supplying valid credentials. The attack requires only network access and no additional user interaction once a legitimate login exists.
Public proof-of-concept code demonstrating the bypass and command execution is available in a GitHub repository. The current EPSS of 0.4180 matches the observed peak, indicating sustained exploitation interest since disclosure. No vendor advisory or firmware patch information is referenced in the available sources.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-48464
Vulnerability details
Aztech WMB250AC Mesh Routers Firmware Version 016 2020 devices improperly manage sessions, which allows remote attackers to bypass authentication in opportunistic circumstances and execute arbitrary commands with administrator privileges by leveraging an existing web portal login.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.