CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-37857

bilde2910 Hauk v1.6.1 requires a hardcoded password which by default is blank. This hardcoded password is hashed but stored within the config.php file server-side as well as in clear-text on the android client device by default.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.6%

CVSS Severity

CVSS v3 Score 7.5

References

https://gainsec.com/2022/08/07/cve-2022-hardcoded-creds-weak-password-hauk-android-location-sharing/
https://github.com/bilde2910/Hauk/issues/187
https://gainsec.com/2022/08/07/cve-2022-hardcoded-creds-weak-password-hauk-android-location-sharing/
https://github.com/bilde2910/Hauk/issues/187

Products affected by CVE-2022-37857

Hauk Project » Hauk » Version: 1.6.1

cpe:2.3:a:hauk_project:hauk:1.6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-37857

Products

Pricing

Contact Us