CVE-2022-0184 in TEPRA PRO SR5900P

Summary

by MITRE • 01/17/2022

Insufficiently protected credentials vulnerability in 'TEPRA' PRO SR5900P Ver.1.080 and earlier and 'TEPRA' PRO SR-R7900P Ver.1.030 and earlier allows an attacker on the adjacent network to obtain credentials for connecting to the Wi-Fi access point with the infrastructure mode.


Analysis

by VulDB Data Team • 01/19/2022

The vulnerability identified as CVE-2022-0184 represents a critical insufficiently protected credentials flaw within the TEPRA PRO SR5900P and SR-R7900P wireless access point devices. This vulnerability affects firmware versions 1.080 and earlier for the SR5900P model, and 1.030 and earlier for the SR-R7900P model, creating a significant security risk for network infrastructure. The flaw exists in the wireless access point's credential handling mechanisms, specifically within the infrastructure mode configuration that governs how devices connect to and authenticate with the wireless network. The vulnerability allows an attacker positioned on the adjacent network to extract credentials necessary for connecting to the Wi-Fi access point, essentially providing unauthorized access to the network infrastructure.

The technical implementation of this vulnerability stems from inadequate cryptographic protection mechanisms within the device's authentication protocols. When devices attempt to connect to the wireless network in infrastructure mode, the system fails to properly secure the transmission of authentication credentials, leaving them susceptible to interception and extraction. This weakness directly maps to CWE-312, which addresses the exposure of sensitive information through improper handling of credentials, and specifically relates to CWE-522, which focuses on insufficiently protected credentials. The vulnerability operates at the network level where adjacent network attackers can leverage passive monitoring techniques to capture network traffic containing the unprotected credentials. The attack vector requires minimal privileges and can be executed by any attacker within the physical proximity of the affected network infrastructure, making it particularly dangerous for enterprise and industrial environments where such devices are commonly deployed.

The operational impact of this vulnerability extends beyond simple credential theft, as it enables attackers to establish persistent network access points and potentially escalate their privileges within the affected network. Once credentials are obtained, attackers can authenticate to the wireless access point and gain unauthorized access to the network infrastructure, potentially leading to complete network compromise. The vulnerability affects the fundamental security posture of organizations relying on these devices, as it undermines the basic principle of network segmentation and authentication. From an attack framework perspective, this vulnerability aligns with ATT&CK technique T1075 which covers the use of valid accounts for access, and T1566 which involves the exploitation of network infrastructure devices. The impact is particularly severe in environments where these devices are deployed in critical infrastructure settings, as the compromise of a single access point can provide attackers with a foothold for broader network infiltration.

Organizations should implement immediate mitigations including firmware updates to the latest available versions that address this credential exposure vulnerability. Network segmentation strategies should be enhanced to isolate critical infrastructure devices from general network access, while implementing additional authentication layers such as 802.1X authentication and network access control. Regular network monitoring and intrusion detection systems should be configured to detect anomalous authentication patterns and unauthorized access attempts. The vulnerability also underscores the importance of maintaining up-to-date security patches and conducting regular vulnerability assessments of network infrastructure devices. Security teams should also consider implementing network access control policies that restrict the ability of adjacent network devices to perform reconnaissance activities against wireless infrastructure. Additionally, organizations should establish procedures for regularly auditing wireless network configurations and credentials to ensure that no sensitive authentication information is exposed through improper network design or implementation.

Reservation: 01/11/2022

Disclosure: 01/17/2022

Moderation: accepted

CPE: ready

EPSS: 0.00342

KEV: no

Activities: very low
