CVE-2022-36556

Vulnerability

The Seiko SkyBridge MB-A100 and MB-A110 routers running firmware version 4.2.0 and below contain a command injection vulnerability in the 07system08execute_ping_01 endpoint. The ipAddress parameter is not sanitized, allowing injection of arbitrary system commands. This affects all firmware versions up to and including 4.2.0 [1].

Exploitation

An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable endpoint with malicious input in the ipAddress parameter. No authentication is required, as the vulnerable endpoint is accessible without login. The attacker must have network access to the device's management interface.

Impact

Successful exploitation allows an unauthenticated attacker to execute arbitrary commands on the underlying operating system with root privileges, leading to full compromise of the device. This can result in information disclosure, denial of service, or use of the device as a pivot point in further attacks.

Mitigation

As of the publication date, no official patch has been released by Seiko Solutions. Users are advised to restrict network access to the management interface and monitor for any security updates from the vendor. No workaround is documented in available references [1].