# CVE-2022-32429
An authentication-bypass , MSNSwitch MNT.2408 allows unauthenticated attackers to arbitrarily configure settings within the application, leading to remote code execution.

POC for unauthenticated configuration dump, authenticated RCE on msnswitch firmware 2408.
Configuration dump only requires HTTP access.
Full RCE requires you to be on the same subnet as the device.