Lucene search
MitreCVE-2022-33106HistoryOct 12, 2022 - 2:15 p.m.
CVE-2022-33106
2022-10-1214:15:09
CWE-307
mitre
web.nvd.nist.gov
26
wijungle
ngfw
u250
no rate limit
attack
cve-2022-33106
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0.003
Percentile
65.8%
WiJungle NGFW Version U250 was discovered to be vulnerable to No Rate Limit attack, allowing the attacker to brute force the admin password leading to Account Take Over.
Affected configurations
Node
wijungleu250_firmwareMatch-
wijungleu250Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wijungle | u250_firmware | - | cpe:2.3:o:wijungle:u250_firmware:-:*:*:*:*:*:*:* |
| wijungle | u250 | - | cpe:2.3:h:wijungle:u250:-:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2022-33106
2022-10-12 00:00:00
prion
prion
Default credentials
2022-10-12 14:15:00
nvd
nvd
CVE-2022-33106
2022-10-12 14:15:09
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0.003
Percentile
65.8%
Related for CVE-2022-33106