Lucene search

[email protected]NVD:CVE-2022-30036

HistoryAug 21, 2022 - 4:15 a.m.

CVE-2022-30036

2022-08-2104:15:11

CWE-798

[email protected]

web.nvd.nist.gov

ma lighting grandma2 light

root password

vulnerability

isolated networks

grandma3

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

37.3%

JSON

MA Lighting grandMA2 Light has a password of root for the root account. NOTE: The vendor’s position is that the product was designed for isolated networks. Also, the successor product, grandMA3, is not affected by this vulnerability.

Affected configurations

NVD

Node

malightinggrandma2_light_firmwareMatch-

AND

malightinggrandma2_lightMatch-

References

parzival.sh/posts/Pwning-a-Lighting-Console-in-a-Few-Minutes/

www.malighting.com/product-archive/product/grandma2-light-120112/

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

37.3%

JSON

Related for NVD:CVE-2022-30036

prion1 cve1 cvelist1