CVE-2022-36222

HIGH

8.4

Descricao

Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o This account can be used locally to access the web admin interface.

Detalhes CVE

Pontuacao CVSS v3.18.4

SeveridadeHIGH

Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vetor de ataqueLOCAL

ComplexidadeLOW

Privilegios necessariosNONE

Interacao do usuarioNONE

Publicado12/21/2022

Ultima modificacao4/16/2025

Fontenvd

Avistamentos honeypot0

Produtos afetados

nokia:fastmilenokia:fastmile_firmware

Fraquezas (CWE)

CWE-798CWE-798

Referencias

https://eddiez.me/hacking-the-nokia-fastmile-pt2/#identical-super-admin-passwords(cve@mitre.org)

https://eddiez.me/hacking-the-nokia-fastmile-pt2/#identical-super-admin-passwords(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.