exploitDog

CVE-2022-36555

Опубликовано: 29 авг. 2022

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Hytec Inter HWL-2511-SS v1.05 and below implements a SHA512crypt hash for the root account which can be easily cracked via a brute-force attack.

Ссылки

https://gist.github.com/Nwqda/b27418ab801eb0b9cdbe8d042cb0249b
Broken Link
https://hytec.co.jp/eng/products/our-brand/hwl-2511-ss.html
Product
Vendor Advisory
https://hytec.co.jp/eng/wordpress/wp-content/uploads/2019/09/hwl-2511-ss-ds.3.0.pdf
Vendor Advisory
https://gist.github.com/Nwqda/b27418ab801eb0b9cdbe8d042cb0249b
Broken Link
https://hytec.co.jp/eng/products/our-brand/hwl-2511-ss.html
Product
Vendor Advisory
https://hytec.co.jp/eng/wordpress/wp-content/uploads/2019/09/hwl-2511-ss-ds.3.0.pdf
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:hytec:hwl-2511-ss_firmware:*:*:*:*:*:*:*:*

Версия до 1.05 (включая)

cpe:2.3:h:hytec:hwl-2511-ss:-:*:*:*:*:*:*:*

EPSS

Процентиль: 56%

0.00331

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-326

Связанные уязвимости

GHSA-4q2f-2vfx-8gg8

CVSS3: 9.8

github

больше 3 лет назад

Hytec Inter HWL-2511-SS v1.05 and below implements a SHA512crypt hash for the root account which can be easily cracked via a brute-force attack.

EPSS

Процентиль: 56%

0.00331

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-326