exploitDog

GHSA-7qrc-wm75-hvh3

Опубликовано: 27 дек. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An attacker can obtain the AES crypto key by exploiting this vulnerability.

Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An attacker can obtain the AES crypto key by exploiting this vulnerability.

Ссылки

EPSS

Процентиль: 51%

0.00276

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-798

Связанные уязвимости

CVE-2022-45425

CVSS3: 7.5

nvd

около 3 лет назад

Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An attacker can obtain the AES crypto key by exploiting this vulnerability.

EPSS

Процентиль: 51%

0.00276

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-798