
CVSS: 9.8  EPSS: 2%  CPEs: 4  EXPL: 1

In Cassia Gateway firmware XC1000_2.1.1.2303082218 and XC2000_2.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup.
References: https://github.com/Dodge-MPTC/CVE-2023-31446-Remote-Code-Execution https://blog.kscsc.online/cves/202331446/md.html https://www.cassianetworks.com
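The entry above gives the shape of the bug but not the firmware code. The following is an added illustration, not Cassia's code, of how a queueUrl value that is written verbatim into a shell-style config and later sourced by a startup script becomes command injection, and one way to close it: an allow-list check on the URL followed by shell quoting of the value. The config file name, the variable name and the "startup script" (simulated here with /bin/sh sourcing the file) are assumptions; the payload is constructed for the demo.

```python
"""Added example: unsanitized queueUrl written into a sourced config (vulnerable)
versus validated and shell-quoted (hardened). Not the vendor's code."""
import os
import re
import shlex
import subprocess
import tempfile

# Assumed on-device layout: a config file written by the web handler and
# sourced by a boot script running as root.
CONF_NAME = "bypass.conf"


def render_config_unsafe(conf_dir: str, queue_url: str) -> str:
    """Vulnerable pattern: the value is interpolated verbatim into a shell assignment.
    Anything after ';' (or inside $(...) / backticks) runs when the file is sourced."""
    path = os.path.join(conf_dir, CONF_NAME)
    with open(path, "w") as fh:
        fh.write(f"QUEUE_URL={queue_url}\n")
    return path


# Conservative allow-list for a queue URL: scheme, hostname, optional port, simple path.
# Anything with ';', '$', '`', quotes or whitespace fails this by construction.
_URL_RE = re.compile(r"^https?://[A-Za-z0-9.-]+(:\d{1,5})?(/[A-Za-z0-9._~/-]*)?$")


def valid_queue_url(queue_url: str) -> bool:
    return bool(_URL_RE.match(queue_url))


def render_config_safe(conf_dir: str, queue_url: str) -> str:
    """Hardened pattern: reject anything outside the allow-list, then single-quote the
    value (shlex.quote) so the shell treats it as opaque data even if the regex were
    later loosened. Two independent controls, either of which stops the injection."""
    if not valid_queue_url(queue_url):
        raise ValueError("queueUrl rejected by allow-list")
    path = os.path.join(conf_dir, CONF_NAME)
    with open(path, "w") as fh:
        fh.write(f"QUEUE_URL={shlex.quote(queue_url)}\n")
    return path


def startup_reads_config(conf_path: str) -> str:
    """Simulates the boot script: source the config with /bin/sh and print the URL it saw."""
    result = subprocess.run(
        ["sh", "-c", f'. {shlex.quote(conf_path)}; printf "%s" "$QUEUE_URL"'],
        capture_output=True, text=True, check=False,
    )
    return result.stdout


def demo() -> dict:
    """Runs both renderers against a constructed payload and reports what happened."""
    with tempfile.TemporaryDirectory() as d:
        marker = os.path.join(d, "pwned")
        # Constructed payload: a plausible URL followed by an injected command.
        payload = f"http://mq.example.internal:5672;touch {shlex.quote(marker)}"

        # Unsafe: sourcing the file runs 'touch' as whoever runs the boot script.
        startup_reads_config(render_config_unsafe(d, payload))
        injected = os.path.exists(marker)

        # Safe: the same payload never reaches the config file.
        try:
            render_config_safe(d, payload)
            rejected = False
        except ValueError:
            rejected = True

        # Safe with a legitimate URL: the boot script sees exactly the value set.
        good = "http://mq.example.internal:5672/queue"
        seen = startup_reads_config(render_config_safe(d, good))
        return {"unsafe_ran_payload": injected, "safe_rejected": rejected, "safe_url_seen": seen}


if __name__ == "__main__":
    print(demo())
```

The regex is the primary control; shlex.quote is there so that a future relaxation of the pattern (adding query strings, say) does not silently reopen the hole. Neither control helps if the boot script later passes the value through eval or an unquoted expansion, so the consumer side deserves the same review as the writer.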

CVSS: 8.8  EPSS: 0%  CPEs: 1  EXPL: 1

An issue was discovered in Cassia Access Controller 2.1.1.2303271039. The Web SSH terminal endpoint (spawned console) can be accessed without authentication. Specifically, there is no session cookie validation on the Access Controller; instead, there is only Basic Authentication to the SSH console.
References: https://github.com/Dodge-MPTC/CVE-2023-35794-WebSSH-Hijacking https://blog.kscsc.online/cves/202335794/md.html https://www.cassianetworks.com/products/iot-access-controller
CWE-287: Improper Authentication

CVSS: 8.8  EPSS: 0%  CPEs: 1  EXPL: 1

An issue was discovered in Cassia Access Controller 2.1.1.2303271039. Establishing a web SSH session to gateways is vulnerable to Cross Site Request Forgery (CSRF) attacks.
References: https://github.com/Dodge-MPTC/CVE-2023-35793-CSRF-On-Web-SSH https://blog.kscsc.online/cves/202335793/md.html https://www.cassianetworks.com/products/iot-access-controller
CWE-352: Cross-Site Request Forgery (CSRF)
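The two Access Controller entries above are related: an endpoint that spawns a console on the strength of Basic Authentication alone is also CSRF-prone, because browsers attach cached Basic credentials to cross-site requests automatically. The following added example (not Cassia's code) shows the pair of checks both entries say are missing, applied to a hypothetical console-spawn request: the request must carry a validated session cookie, and it must present a per-session CSRF token that a cross-origin page cannot read. The endpoint, cookie and header names and the in-memory session store are assumptions.

```python
"""Added example: session-cookie validation plus a synchronizer CSRF token for a
state-changing 'spawn web SSH console' request. Not the vendor's code."""
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

SESSION_COOKIE = "ac_session"   # assumed cookie name
CSRF_HEADER = "X-CSRF-Token"    # assumed header name carried by the controller's own JS


@dataclass
class Session:
    user: str
    # Per-session secret handed to the page after login; a cross-origin attacker
    # can make the browser send the cookie but cannot read this value.
    csrf_token: str = field(default_factory=lambda: secrets.token_hex(16))


class SessionStore:
    def __init__(self) -> None:
        self._sessions: Dict[str, Session] = {}

    def create(self, user: str) -> str:
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = Session(user)
        return sid

    def get(self, sid: Optional[str]) -> Optional[Session]:
        return self._sessions.get(sid) if sid else None


def authorize_spawn_console(request: dict, store: SessionStore) -> Tuple[bool, str]:
    """Gate for a POST to the (assumed) console-spawn endpoint.

    request is a plain dict: {"method", "headers": {...}, "cookies": {...},
    "expected_origin"}. A Basic Authorization header is deliberately not consulted:
    on its own it proves nothing about which page initiated the request.
    """
    if request.get("method") != "POST":
        return False, "method not allowed"

    # 1. Bind the request to a server-side session (the missing check in CVE-2023-35794).
    session = store.get(request.get("cookies", {}).get(SESSION_COOKIE))
    if session is None:
        return False, "no valid session cookie"

    # 2. Require the per-session token (the missing check in CVE-2023-35793).
    #    Constant-time compare so token bytes cannot be guessed via timing.
    presented = request.get("headers", {}).get(CSRF_HEADER, "")
    if not hmac.compare_digest(presented, session.csrf_token):
        return False, "missing or wrong CSRF token"

    # 3. Defence in depth: a cross-site form post carries the attacker's Origin.
    origin = request.get("headers", {}).get("Origin")
    if origin is not None and origin != request.get("expected_origin"):
        return False, "cross-origin request"

    return True, session.user


def demo() -> dict:
    """Constructed requests: a legitimate one, a Basic-Auth-only one, and a CSRF attempt."""
    store = SessionStore()
    sid = store.create("alice")
    token = store.get(sid).csrf_token
    site = "https://ac.example"
    legit = {"method": "POST", "headers": {CSRF_HEADER: token, "Origin": site},
             "cookies": {SESSION_COOKIE: sid}, "expected_origin": site}
    basic_only = {"method": "POST", "headers": {"Authorization": "Basic YWxpY2U6cHc="},
                  "cookies": {}, "expected_origin": site}
    # Victim's browser replays the cookie, but the evil page cannot supply the token.
    csrf = {"method": "POST", "headers": {"Origin": "https://evil.example"},
            "cookies": {SESSION_COOKIE: sid}, "expected_origin": site}
    return {"legit": authorize_spawn_console(legit, store),
            "basic_only": authorize_spawn_console(basic_only, store),
            "csrf": authorize_spawn_console(csrf, store)}


if __name__ == "__main__":
    print(demo())
```

Order matters: the CSRF token is looked up through the session, so a request with no session is refused before any token comparison, and a request that has the cookie but not the token (the CSRF case) fails on the second check regardless of the Origin header, which older clients may omit.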

CVSS: 5.3  EPSS: 0%  CPEs: 1  EXPL: 1

Cassia Access Controller before 2.1.1.2203171453 was discovered to have an unprivileged information disclosure vulnerability that allows read-only users to enumerate all other users and discover the e-mail addresses, phone numbers, and privileges of all other users.
References: https://github.com/Dodge-MPTC/CVE-2023-31445-Unprivileged-Information-Disclosure https://blog.kscsc.online/cves/202331445/md.html https://www.cassianetworks.com
CWE-732: Incorrect Permission Assignment for Critical Resource

CVSS: 7.5  EPSS: 0%  CPEs: 1  EXPL: 0

An attacker may be able to use the minify route with a relative path to view any file on the Cassia Networks Access Controller prior to 2.0.1.
References: https://www.cassianetworks.com/support/knowledge-base https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-02
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
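The entry above describes the classic shape of a path traversal in an asset-serving route. The following added example (not the Access Controller's code) shows a "minify"-style handler that serves a file named by the request, first in the traversal-prone form, then with a containment check that also covers absolute paths and symlinks. The route name, the asset root and the file names are assumptions; the directory tree is constructed in a temp directory for the demo.

```python
"""Added example: path traversal in a static-asset route, vulnerable and hardened.
Not the vendor's code."""
import os
import tempfile


def serve_asset_unsafe(asset_root: str, requested: str) -> bytes:
    """Vulnerable: os.path.join follows '..' segments and, given an absolute path,
    discards asset_root entirely, so any file readable by the process can be requested."""
    with open(os.path.join(asset_root, requested), "rb") as fh:
        return fh.read()


def resolve_contained(asset_root: str, requested: str) -> str:
    """Resolve the request against asset_root and refuse anything that ends up outside
    it after '..' normalisation and symlink resolution (realpath does both)."""
    root = os.path.realpath(asset_root)
    candidate = os.path.realpath(os.path.join(root, requested))
    # commonpath is a true prefix test on path components; a plain startswith()
    # would accept /srv/assets-private when root is /srv/assets.
    if os.path.commonpath([root, candidate]) != root:
        raise PermissionError(f"path escapes asset root: {requested!r}")
    return candidate


def serve_asset_safe(asset_root: str, requested: str) -> bytes:
    with open(resolve_contained(asset_root, requested), "rb") as fh:
        return fh.read()


def demo() -> dict:
    """Constructed tree: assets/app.js, plus secret.conf one level above the asset root."""
    with tempfile.TemporaryDirectory() as d:
        root = os.path.join(d, "assets")
        os.makedirs(root)
        with open(os.path.join(root, "app.js"), "wb") as fh:
            fh.write(b"console.log('ok');")
        secret = os.path.join(d, "secret.conf")
        with open(secret, "wb") as fh:
            fh.write(b"password=hunter2")

        leaked = serve_asset_unsafe(root, "../secret.conf")      # relative traversal

        def blocked(path: str) -> bool:
            try:
                serve_asset_safe(root, path)
                return False
            except PermissionError:
                return True

        return {
            "unsafe_leaked": leaked,
            "safe_blocked_relative": blocked("../secret.conf"),
            "safe_blocked_absolute": blocked(secret),
            "safe_served": serve_asset_safe(root, "app.js"),
            "safe_served_dotted": serve_asset_safe(root, "./sub/../app.js"),
        }


if __name__ == "__main__":
    print(demo())
```

The check runs on the fully resolved path rather than on the request string, so encoded or doubled-up "..", a leading slash, and a symlink planted inside the asset root are all handled by the same comparison; rejecting only the literal substring ".." would miss the last two.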