CVE-2022-36601

EUVD-2022-39305
The Eclipse TCF debug interface in JasMiner-X4-Server-20220621-090907 and below is open on port 1534. This issue allows unauthenticated attackers to gain root privileges on the affected device and access sensitive data or execute arbitrary commands.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 84%
Affected Products (NVD)
VendorProductVersion
jingleminingjasminer_x4_server_firmware
𝑥
≤ 20220621-090907
𝑥
= Vulnerable software versions
References
https://jamesachambers.com/cryptocurrency-asic-miners-security-and-hacking-audit/
https://jamesachambers.com/cryptocurrency-asic-miners-security-and-hacking-audit/