Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-22144

Опубликовано: 05 авг. 2022
Источник: nvd
CVSS3: 7.5
CVSS3: 9.8
EPSS Низкий

Описание

A hard-coded password vulnerability exists in the libcommonprod.so prod_change_root_passwd functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. During system startup this functionality is always called, leading to a known root password. An attacker does not have to do anything to trigger this vulnerability.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:tcl:linkhub_mesh_wifi_ac1200:ms1g_00_01.00_14:*:*:*:*:*:*:*
cpe:2.3:h:tcl:linkhub_mesh_wifi_ac1200:-:*:*:*:*:*:*:*

EPSS

Процентиль: 59%
0.00377
Низкий

7.5 High

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-259
CWE-798

Связанные уязвимости

github логотип

GHSA-f35f-wmvq-g2gh

CVSS3: 9.8
github
больше 3 лет назад

A hard-coded password vulnerability exists in the libcommonprod.so prod_change_root_passwd functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. During system startup this functionality is always called, leading to a known root password. An attacker does not have to do anything to trigger this vulnerability.

EPSS

Процентиль: 59%
0.00377
Низкий

7.5 High

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-259
CWE-798