Vulnerability Details CVE-2022-31460
Owl Labs Meeting Owl 5.2.0.15 allows attackers to activate Tethering Mode with hard-coded hoothoot credentials via a certain c 150 value.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.048
EPSS Ranking 89.1%
CVSS Severity
CVSS v3 Score 7.4
CVSS v2 Score 3.3
References
- https://arstechnica.com/information-technology/2022/06/vulnerabilities-in-meeting-owl-videoconference-device-imperil-100k-users/
- https://resources.owllabs.com/blog/owl-labs-update
- https://www.modzero.com/static/meetingowl/Meeting_Owl_Pro_Security_Disclosure_Report_RELEASE.pdf
- https://arstechnica.com/information-technology/2022/06/vulnerabilities-in-meeting-owl-videoconference-device-imperil-100k-users/
- https://resources.owllabs.com/blog/owl-labs-update
- https://www.modzero.com/static/meetingowl/Meeting_Owl_Pro_Security_Disclosure_Report_RELEASE.pdf
Products affected by CVE-2022-31460
-
cpe:2.3:h:owllabs:meeting_owl_pro:-
-
cpe:2.3:o:owllabs:meeting_owl_pro_firmware:5.2.0.15