S4E

CVE-2022-36642 Scanner

Detects 'Path Traversal' vulnerability in Telos Alliance Omnia MPX Node affects v. through 1.0.0-1.4.9.

Short Info


Level

Critical

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

4 weeks

Scan only one

URL

Toolbox

-

Telos Alliance Omnia MPX Node is an audio processing and distribution system that features a comprehensive web interface for remote administration and monitoring. It is designed to provide radio broadcasters with a high-quality, reliable signal processing and transmission solution. The system enables broadcasters to manage their audio signals with ease and efficiency, with features like automatic gain control, multiband limiting, and stereo enhancement.

The CVE-2022-36642 vulnerability discovered in Telos Alliance Omnia MPX Node can lead to a local file disclosure (LFD) attack that gives cybercriminals unauthorized access to user credentials. This vulnerability is located in /appConfig/userDB.json, which stores sensitive user data in plaintext format. Attackers who exploit this vulnerability can easily retrieve this data and gain high-privileged access to the control panel with minimal effort.

When exploited, this vulnerability can lead to catastrophic security breaches that compromise critical business operations, costing a company millions of dollars. Attackers can use the compromised usernames and passwords to gain unauthorized access to the control panel, enabling them to execute arbitrary code, modify critical system configurations, and exfiltrate sensitive data.

Thanks to the advanced features provided by s4e.io, users of the Telos Alliance Omnia MPX Node and other digital assets can easily and quickly learn about vulnerabilities in their systems. s4e.io offers comprehensive security assessments, vulnerability scanning, and penetration testing to help users identify and mitigate potential cyber threats. With their expert guidance and proactive security measures, users can keep their digital assets secure and protected from the latest cyber threats.

 

REFERENCES

Get started to protecting your Free Full Security Scan