CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-35122

An access control issue in Ecowitt GW1100 Series Weather Stations <=GW1100B_v2.1.5 allows unauthenticated attackers to access sensitive information including device and local WiFi passwords.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.5%

CVSS Severity

CVSS v3 Score 9.1

References

https://www.pizzapower.me/2022/06/30/the-incredibly-insecure-weather-station/
https://www.pizzapower.me/2022/06/30/the-incredibly-insecure-weather-station/

Products affected by CVE-2022-35122

Ecowitt » Gw1100 » Version: N/A

cpe:2.3:h:ecowitt:gw1100:-
Ecowitt » Gw1100 Firmware » Version: Any

cpe:2.3:o:ecowitt:gw1100_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-35122

Products

Pricing

Contact Us