2.1
CVE-2022-32967
- EPSS 0.08%
- Veröffentlicht 29.11.2022 04:15:10
- Zuletzt bearbeitet 21.11.2024 07:07:19
- Quelle twcert@cert.org.tw
- Teams Watchlist Login
- Unerledigt Login
RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Realtek ≫ Rtl8111ep-cg Firmware Version <= 3.0.0.2019090
Realtek ≫ Rtl8111ep-cg Firmware Version5.0.10
Realtek ≫ Rtl8111fp-cg Firmware Version <= 3.0.0.2019090
Realtek ≫ Rtl8111fp-cg Firmware Version5.0.10
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.235 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| twcert@cert.org.tw | 2.1 | 0.7 | 1.4 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
|
CWE-798 Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key.