Vulnerability Details CVE-2022-36555
Hytec Inter HWL-2511-SS v1.05 and below implements a SHA512crypt hash for the root account which can be easily cracked via a brute-force attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 36.4%
CVSS Severity
CVSS v3 Score 9.8
References
- https://gist.github.com/Nwqda/b27418ab801eb0b9cdbe8d042cb0249b
- https://hytec.co.jp/eng/products/our-brand/hwl-2511-ss.html
- https://hytec.co.jp/eng/wordpress/wp-content/uploads/2019/09/hwl-2511-ss-ds.3.0.pdf
- https://gist.github.com/Nwqda/b27418ab801eb0b9cdbe8d042cb0249b
- https://hytec.co.jp/eng/products/our-brand/hwl-2511-ss.html
- https://hytec.co.jp/eng/wordpress/wp-content/uploads/2019/09/hwl-2511-ss-ds.3.0.pdf
Products affected by CVE-2022-36555
-
cpe:2.3:h:hytec:hwl-2511-ss:-
-
cpe:2.3:o:hytec:hwl-2511-ss_firmware:-
-
cpe:2.3:o:hytec:hwl-2511-ss_firmware:1.05