Vulnerabilities > Contec > Fxa3200 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-09-26 CVE-2022-36158 Forced Browsing vulnerability in Contec products
Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN Manager interface which allows malicious actors to execute Linux commands with root privilege via a hidden web page (/usr/www/ja/mnt_cmd.cgi).
low complexity
contec CWE-425
8.0
2022-09-26 CVE-2022-36159 Use of Hard-coded Credentials vulnerability in Contec products
Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for root stored in the component /etc/shadow.
low complexity
contec CWE-798
8.8