Aggregates CVE and security vulnerability intelligence across all phicomm-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk input validation and vendor risk command injection, with potential vendor impact unexpected behavior across vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-40796 | Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via the function luci.sys.call. | [email protected] | 7.8 | 0.84% | 2023-08-25 | 2026-06-17 |
| CVE-2022-48073 | Phicomm K2G v22.6.3.20 was discovered to store the root and admin passwords in plaintext. | [email protected] | 7.5 | 0.45% | 2023-01-27 | 2026-06-17 |
| CVE-2022-48072 | Phicomm K2G v22.6.3.20 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function. | [email protected] | 7.8 | 0.90% | 2023-01-27 | 2026-06-17 |
| CVE-2022-48071 | Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext. | [email protected] | 7.5 | 0.44% | 2023-01-27 | 2026-06-17 |
| CVE-2022-48070 | Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function. | [email protected] | 7.8 | 0.90% | 2023-01-27 | 2026-06-17 |
| CVE-2022-37779 | Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the sendnum parameter of the ping function. | [email protected] | 7.2 | 1.66% | 2022-09-07 | 2026-06-17 |
| CVE-2022-37778 | Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the current_time parameter of the time function. | [email protected] | 7.2 | 1.66% | 2022-09-07 | 2026-06-17 |
| CVE-2022-37777 | Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers 3.0.1.17 and earlier were discovered to contain a remote command execution (RCE) vulnerability via the trHops parameter of the tracert function. | [email protected] | 7.2 | 1.66% | 2022-09-07 | 2026-06-17 |
| CVE-2022-37780 | Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the pingAddr parameter of the tracert function. | [email protected] | 7.2 | 1.66% | 2022-09-07 | 2026-06-17 |
| CVE-2022-27373 | Shanghai Feixun Data Communication Technology Co., Ltd router fir302b A2 was discovered to contain a remote command execution (RCE) vulnerability via the Ping function. | [email protected] | 8.8 | 2.64% | 2022-07-19 | 2026-06-17 |
| CVE-2022-25219 | A null byte interaction error has been discovered in the code that the telnetd_startup daemon uses to construct a pair of ephemeral passwords that allow a user to spawn a telnet service on the router, and to ensure that the telnet service persists upon reboot. By means of a crafted exchange of UDP packets, an unauthenticated attacker on the local network can leverage this null byte interaction error in such a way as to make those ephemeral passwords predictable (with 1-in-94 odds). Since the att | [email protected] | 8.4 | 0.76% | 2022-03-10 | 2026-06-17 |
| CVE-2022-25218 | The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local area network to achieve a significant degree of control over the "plaintext" to which an arbitrary blob of ciphertext will be decrypted by OpenSSL's RSA_public_decrypt() function. This weakness allows the attacker to manipulate the various iterations of the telnetd startup state machine and eventually obtain a root shell on the device, by means of an exchang | [email protected] | 8.1 | 0.98% | 2022-03-10 | 2026-06-17 |
| CVE-2022-25217 | Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on the local area network to obtain a root shell on the device over telnet. The builds of telnetd_startup included in the version 22.5.9.163 of the K2 firmware, and version 32.1.15.93 of the K3C firmware (possibly amongst many other releases) included both the private and public RSA keys. The remaining versions cited here redacted the private key, but left the public key unchanged. An attacker in possess | [email protected] | 7.8 | 0.32% | 2022-03-10 | 2026-06-17 |
| CVE-2022-25215 | Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) client MAC addresses to (or from) a list of banned hosts. Clients with those MAC addresses are then prevented from accessing either the WAN or the router itself. | [email protected] | 5.3 | 1.13% | 2022-03-10 | 2026-06-17 |
| CVE-2022-25214 | Improper access control on the LocalClientList.asp interface allows an unauthenticated remote attacker to obtain sensitive information concerning devices on the local area network, including IP and MAC addresses. Improper access control on the wirelesssetup.asp interface allows an unauthenticated remote attacker to obtain the WPA passphrases for the 2.4GHz and 5.0GHz wireless networks. This is particularly dangerous given that the K2G setup wizard presents the user with the option of using the s | [email protected] | 7.4 | 1.47% | 2022-03-10 | 2026-06-17 |
| CVE-2022-25213 | Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. The same port exposes an unauthenticated Das U-Boot BIOS shell. | [email protected] | 6.8 | 0.36% | 2022-03-10 | 2026-06-17 |
| CVE-2019-19117 | /usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG1218) V22.5.9.163 devices allows remote authenticated users to execute any command via shell metacharacters in the cgi-bin/luci autoUpTime parameter. | [email protected] | 8.8 | 5.02% | 2019-11-18 | 2026-06-16 |
| CVE-2017-11495 | PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticated remote code execution via a request to an unspecified ASP script; alternatively, the attacker can leverage unauthenticated access to this script to trigger a reboot via an ifType=reboot action. | [email protected] | 9.8 | 3.18% | 2017-07-20 | 2026-06-16 |