Lucene search

[email protected]NVD:CVE-2021-40597

HistoryJun 29, 2022 - 8:15 p.m.

CVE-2021-40597

2022-06-2920:15:08

CWE-798

[email protected]

web.nvd.nist.gov

edimax firmware

ic-3140w

administrator username

password security

cve-2021-40597

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

68.5%

JSON

The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Administrator username and password.

Affected configurations

Nvd

Node

edimaxic-3140wMatch-

AND

edimaxic-3140w_firmwareMatch3.11

VendorProductVersionCPE
edimaxic-3140w-cpe:2.3:h:edimax:ic-3140w:-:*:*:*:*:*:*:*
edimaxic-3140w_firmware3.11cpe:2.3:o:edimax:ic-3140w_firmware:3.11:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
edimax	ic-3140w	-	cpe:2.3:h:edimax:ic-3140w:-:::::::*
edimax	ic-3140w_firmware	3.11	cpe:2.3:o:edimax:ic-3140w_firmware:3.11:::::::*

References

drive.google.com/file/d/1DZCzVULjchY0rSJBXIPr0gJM1qWCcAZ5/view?usp=sharing

drive.google.com/file/d/1ZPFwAoO8tAD0zrWwVZ9W6-CUCrcM0Exm/view?usp=sharing

www.edimax.com/edimax/download/download/data/edimax/global/download/

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

68.5%

JSON

Related for NVD:CVE-2021-40597

cve1 prion1 cvelist1