Vulnerability Details CVE-2022-1666
The default password for the web application’s root user (the vendor’s private account) was weak and the MD5 hash was used to crack the password using a widely available open-source tool.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.9%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2022-1666
-
cpe:2.3:h:secheron:sepcos_control_and_protection_relay:-
-
cpe:2.3:o:secheron:sepcos_control_and_protection_relay_firmware:1.23.0
-
cpe:2.3:o:secheron:sepcos_control_and_protection_relay_firmware:1.24.0
-
cpe:2.3:o:secheron:sepcos_control_and_protection_relay_firmware:1.25.0