CVE-2022-4985

Vulnerability Description

Vodafone H500s devices running firmware v3.5.10 (hardware model Sercomm VFH500) expose the WiFi access point password via an unauthenticated HTTP endpoint. By sending a crafted GET request to /data/activation.json with specific headers and cookies, a remote attacker can retrieve a JSON document that contains the wifi_password field. This allows an unauthenticated attacker to obtain the WiFi credentials and gain unauthorized access to the wireless network, compromising confidentiality of network traffic and attached systems.

Related Weaknesses (CWE)

References

• https://cxsecurity.com/issue/WLB-2022010024
• https://help.vodacom.co.za/personal/home/61/9493/1023659/Vodafone-H500s-WiFi-rou
• https://www.exploit-db.com/exploits/50636
• https://www.vulncheck.com/advisories/vodafone-h500s-wifi-password-disclosure-via
• https://cxsecurity.com/issue/WLB-2022010024
• https://www.exploit-db.com/exploits/50636

FAQ

What is CVE-2022-4985?

CVE-2022-4985 is a documented vulnerability. Vodafone H500s devices running firmware v3.5.10 (hardware model Sercomm VFH500) expose the WiFi access point password via an unauthenticated HTTP endpoint. By sending a crafted GET request to /data/ac...

How severe is CVE-2022-4985?

CVSS scoring is not yet available for CVE-2022-4985. Check NVD for updates.

Is there a patch for CVE-2022-4985?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.