Lucene search
HistoryJan 03, 2023 - 3:15 a.m.
CVE-2022-47618
lilin ah55b04 & ah55b08
dvr
hard-coded credentials
vulnerability
remote attacker
authentication
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.004
Percentile
72.9%
Merit LILIN AH55B04 & AH55B08 DVR firm has hard-coded administrator credentials. An unauthenticated remote attacker can use these credentials to log in administrator page, to manipulate system or disrupt service.
Affected configurations
Node
meritlilinah55b08Match-
meritlilinah55b08_firmwareMatch-
Node
meritlilinah55b04Match-
meritlilinah55b04_firmwareMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| meritlilin | ah55b08 | - | cpe:2.3:h:meritlilin:ah55b08:-:*:*:*:*:*:*:* |
| meritlilin | ah55b08_firmware | - | cpe:2.3:o:meritlilin:ah55b08_firmware:-:*:*:*:*:*:*:* |
| meritlilin | ah55b04 | - | cpe:2.3:h:meritlilin:ah55b04:-:*:*:*:*:*:*:* |
| meritlilin | ah55b04_firmware | - | cpe:2.3:o:meritlilin:ah55b04_firmware:-:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2022-47618
2023-01-03 03:15:10
cvelist
cvelist
prion
prion
Hardcoded credentials
2023-01-03 03:15:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.004
Percentile
72.9%
Related for NVD:CVE-2022-47618