K3c Firmware Security Vulnerabilities and Issues — K3c Firmware CVE List

Lucene search

PhicommK3c Firmware

3 matches found

CVE•added 2022/03/10 5:47 p.m.•91 views

CVE-2022-25217

Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on the local area network to obtain a root shell on the device over telnet. The builds of telnetd_startup included in the version 22.5.9.163 of the K2 firmware, and version 32.1.15.93 of the K3C firmware (p...

7.8CVSS7.6AI score0.00037EPSS

CVE•added 2022/03/10 5:47 p.m.•79 views

CVE-2022-25213

Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. The same port exposes an unauthenticated Das U-Boot BIOS shell.

7.2CVSS6.5AI score0.00041EPSS

CVE•added 2022/03/10 5:47 p.m.•72 views

CVE-2022-25214

Improper access control on the LocalClientList.asp interface allows an unauthenticated remote attacker to obtain sensitive information concerning devices on the local area network, including IP and MAC addresses. Improper access control on the wirelesssetup.asp interface allows an unauthenticated r...

7.4CVSS7.5AI score0.01248EPSS