← Volver a CVEs
CVE-2022-33106
CRITICAL9.8
Descripcion
WiJungle NGFW Version U250 was discovered to be vulnerable to No Rate Limit attack, allowing the attacker to brute force the admin password leading to Account Take Over.
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado10/12/2022
Ultima modificacion5/16/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
wijungle:u250wijungle:u250_firmware
Debilidades (CWE)
CWE-307CWE-307
Referencias
http://wijungle.com(cve@mitre.org)
https://hexisanoob.gitbook.io/hexisanoob/cves/cve-2022-33106(cve@mitre.org)
http://wijungle.com(af854a3a-2127-422b-91ae-364da2661108)
https://hexisanoob.gitbook.io/hexisanoob/cves/cve-2022-33106(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.