2 matches found
CVE-2022-22144
CVE-2022-22144 affects the TCL LinkHub Mesh Wi‑Fi MS1G_00_01.00_14. During boot, libcommonprod’s prod_change_root_passwd is invoked unconditionally, forcing the root password to the value “tcl-wifi” and enabling full root access without any user action. Talos confirms the vulnerability details an...
CVE-2022-22144
A hard-coded password vulnerability exists in the libcommonprod.so prodchangerootpasswd functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. During system startup this functionality is always called, leading to a known root password. An attacker does not have to do anything to trigger this...