Lucene search

MitreCVE-2022-41436

HistoryOct 14, 2022 - 9:15 p.m.

CVE-2022-41436

2022-10-1421:15:09

CWE-287

mitre

web.nvd.nist.gov

security

vulnerability

oxhoo tp50

administrative panel

unauthenticated access

cve-2022-41436

nvd

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

9.1

Confidence

High

EPSS

0.002

Percentile

64.4%

JSON

An issue in OXHOO TP50 OXH1.50 allows unauthenticated attackers to access the administrative panel via browsing to the URL http://device_ip/index1.html.

Affected configurations

Nvd

Node

oxhootp50Match-

AND

oxhootp50_firmwareMatchoxh1.50

VendorProductVersionCPE
oxhootp50-cpe:2.3:h:oxhoo:tp50:-:*:*:*:*:*:*:*
oxhootp50_firmwareoxh1.50cpe:2.3:o:oxhoo:tp50_firmware:oxh1.50:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
oxhoo	tp50	-	cpe:2.3:h:oxhoo:tp50:-:::::::*
oxhoo	tp50_firmware	oxh1.50	cpe:2.3:o:oxhoo:tp50_firmware:oxh1.50:::::::*

References

github.com/NF-Security-Team/CVEs/blob/main/CVE-OXHOO/Readme.md

Social References

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

9.1

Confidence

High

EPSS

0.002

Percentile

64.4%

JSON

Related for CVE-2022-41436