Sunday, June 15, 2025
HomeCVE/vulnerabilityCritical Flaws in Airplanes WiFi Access Point Let Attackers Gain Root Access

Critical Flaws in Airplanes WiFi Access Point Let Attackers Gain Root Access

Published on

SIEM as a Service

Follow Us on Google News

Two critical vulnerabilities have been found recently in the wireless LAN devices of Contec. These critical vulnerabilities were discovered by the cybersecurity analysts, Samy Younsi and Thomas Knudsen of Necrum Security Lab.

There are two models of the FLEXLAN FXA2000 and FXA3000 series from CONTEC which are primarily used in airplane installations as WiFi access points.

As a result, these devices offer extremely high-speed connectivity during flight trips for the following purposes:-

- Advertisement - Google News
  • Movies
  • Musics
  • Buy foods
  • Buy goodies

Affected Products

Here below we have mentioned all the products that are affected:-

  • All Contec FLEXLAN FXA3000 Series devices from version 1.15.00 and under.
  • All Contec FLEXLAN FXA2000 Series devices from version 1.38.00 and under.

Vulnerabilities

The following are the two critical vulnerabilities that are highlighted below:-

An adversary can exploit these vulnerabilities to compromise all types of inflight entertainment systems, and also other aspects of the system.

While performing the reverse engineering of the firmware for the first vulnerability (CVE-2022–36158), researchers discovered the first vulnerability.

CVE-2022-36159 is the second vulnerability which involves the use of the following two elements:-

  • Weak cryptographic keys
  • Backdoor accounts

The CVE-2022–36158 vulnerability can be traced to a hidden page in WiFi LAN Manager, and it was not displayed as part of the dashboard interface.

The aim of this page is to make it easier for the user to execute Linux commands that have root privileges on the device. 

Once access to all the data on the device had been gained, the threat actors had the ability to open the telnet port in order to gain full control over it.

Recommendation

Here below we have mentioned the remedies for these two vulnerabilities:-

  • CVE-2022–36158 Remedy 

Since the default password for the hidden engineering web page is extremely weak, it needs to be removed from the devices that are in production. Through this website, an attacker could very easily be able to inject a backdoor onto the device as it has a very weak default password.

  • CVE-2022-36159 Remedy

For each device, a unique password needs to be generated. The passwords for each device must be generated randomly throughout the manufacturing process, and each password must be unique.

Download Free SWG – Secure Web Filtering – E-book

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Kali Linux 2025.2 Released: New Tools, Smartwatch and Car Hacking Added

Kali Linux, the preferred distribution for security professionals, has launched its second major release...

Arsen Launches AI-Powered Vishing Simulation to Help Organizations Combat Voice Phishing at Scale

Arsen, the cybersecurity startup known for defending organizations against social engineering threats, has announced...

NIST Releases New Guide – 19 Strategies for Building Zero Trust Architectures

The National Institute of Standards and Technology (NIST) has released groundbreaking guidance to help...

Spring Framework Flaw Enables Remote File Disclosure via “Content‑Disposition” Header

A medium-severity reflected file download (RFD) vulnerability (CVE-2025-41234) in VMware's Spring Framework has been...

Credential Abuse: 15-Min Attack Simulation

Credential Abuse Unmasked

Credential abuse is #1 attack vector in web and API breaches today (Verizon DBIR 2025). Join our live, 15-min attack simulation with Karthik Krishnamoorthy (CTO - Indusface) and Phani Deepak Akella (VP of Marketing - Indusface) to see hackers move from first probe to full account takeover.

Discussion points


Username & email enumeration – how a stray status-code reveals valid accounts.
Password spraying – low-and-slow guesses that evade basic lockouts.
Credential stuffing – lightning-fast reuse of breach combos at scale.
MFA / session-token bypass – sliding past second factors with stolen cookies.

More like this

Kali Linux 2025.2 Released: New Tools, Smartwatch and Car Hacking Added

Kali Linux, the preferred distribution for security professionals, has launched its second major release...

NIST Releases New Guide – 19 Strategies for Building Zero Trust Architectures

The National Institute of Standards and Technology (NIST) has released groundbreaking guidance to help...

Spring Framework Flaw Enables Remote File Disclosure via “Content‑Disposition” Header

A medium-severity reflected file download (RFD) vulnerability (CVE-2025-41234) in VMware's Spring Framework has been...