CVE-2022-3218
Necta WiFi Mouse (Mouse Server) client-side authentication bypass
Due to a reliance on client-side authentication, the WiFi Mouse (Mouse Server) from Necta LLC's authentication mechanism is trivially bypassed, which can result in remote code execution.
Produtos afetados
Necta LLC · WiFi Mouse (Mouse Server)Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://packetstormsecurity.com/files/168509/WiFi-Mouse-1.8.3.4-Remote-Code-Execution.htmlhttps://github.com/H4rk3nz0/PenTesting/blob/main/Exploits/wifi%20mouse/wifi-mouse-server-rce.pyhttps://github.com/rapid7/metasploit-framework/pull/16985https://www.exploit-db.com/exploits/49601https://www.exploit-db.com/exploits/50972