CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-47561

The web application stores credentials in clear text in the "admin.xml" file, which can be accessed without logging into the website, which could allow an attacker to obtain credentials related to all users, including admin users, in clear text, and use them to subsequently execute malicious actions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.0%

CVSS Severity

CVSS v3 Score 7.3

References

https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ormazabal-products
https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ormazabal-products

Products affected by CVE-2022-47561

Ormazabal » Ekorccp » Version: N/A

cpe:2.3:h:ormazabal:ekorccp:-
Ormazabal » Ekorrci » Version: N/A

cpe:2.3:h:ormazabal:ekorrci:-
Ormazabal » Ekorccp Firmware » Version: 601j

cpe:2.3:o:ormazabal:ekorccp_firmware:601j
Ormazabal » Ekorrci Firmware » Version: 601j

cpe:2.3:o:ormazabal:ekorrci_firmware:601j

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-47561

Products

Pricing

Contact Us