Vulnerability Details CVE-2022-22833
An issue was discovered in Servisnet Tessa 0.0.2. An attacker can obtain sensitive information via a /js/app.js request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.187
EPSS Ranking 95.0%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://packetstormsecurity.com/files/165867/Servisnet-Tessa-MQTT-Credential-Disclosure.html
- http://www.servisnet.com.tr/en/page/products
- https://pentest.com.tr/exploits/Servisnet-Tessa-MQTT-Credentials-Dump-Unauthenticated.html
- https://www.exploit-db.com/exploits/50713
- http://packetstormsecurity.com/files/165867/Servisnet-Tessa-MQTT-Credential-Disclosure.html
- http://www.servisnet.com.tr/en/page/products
- https://pentest.com.tr/exploits/Servisnet-Tessa-MQTT-Credentials-Dump-Unauthenticated.html
- https://www.exploit-db.com/exploits/50713