9.8
CVE-2022-47618
- EPSS 2.09%
- Veröffentlicht 03.01.2023 03:15:10
- Zuletzt bearbeitet 21.11.2024 07:32:16
- Quelle twcert@cert.org.tw
- CVE-Watchlists
- Unerledigt
LoginMerit LILIN AH55B04 & AH55B08 DVR firm has hard-coded administrator credentials. An unauthenticated remote attacker can use these credentials to log in administrator page, to manipulate system or disrupt service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Meritlilin ≫ Ah55b08 Firmware Version-
Meritlilin ≫ Ah55b04 Firmware Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.09% | 0.836 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| twcert@cert.org.tw | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-798 Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key.