What is CVE-2022-3218?

CVE-2022-3218 is a vulnerability in Necta Llc Wifi Mouse (Mouse Server), classified under CWE-603. Published 2022-09-19.

Is CVE-2022-3218 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Necta Llc Wifi Mouse (Mouse Server)

CVE-2022-3218

Due to a reliance on client-side authentication, the WiFi Mouse (Mouse Server) from Necta LLC's authentication mechanism is trivially bypassed, which can result in remote code execution.

EPSS: 0.846 (99.4th percentile) — read the EPSS interpretation.

Affected products

Necta Llc Wifi Mouse (Mouse Server) — versions 1.8.3.4, 1.8.2.3

Weakness classification (CWE)

CWE-603

Public proof-of-concept exploits

References

github.com/rapid7/metasploit-framework/pull/16985 (x_refsource_MISC)
www.exploit-db.com/exploits/50972 (x_refsource_MISC)
www.exploit-db.com/exploits/49601 (x_refsource_MISC)
github.com/H4rk3nz0/PenTesting/blob/main/Exploits/wifi mouse/wifi-mouse-server-… (x_refsource_MISC)
packetstormsecurity.com/files/168509/WiFi-Mouse-1.8.3.4-Remote-Code-Execution.h… (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-3218?: CVE-2022-3218 is a vulnerability in Necta Llc Wifi Mouse (Mouse Server), classified under CWE-603. Published 2022-09-19.
Is CVE-2022-3218 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.