Description
Insufficiently protected credentials vulnerability in 'TEPRA' PRO SR5900P Ver.1.080 and earlier and 'TEPRA' PRO SR-R7900P Ver.1.030 and earlier allows an attacker on the adjacent network to obtain credentials for connecting to the Wi-Fi access point with the infrastructure mode.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.kingjim.co.jp/download/security/#sr01
Third Party Advisory x_refsource_misc
https://jvn.jp/en/jp/JVN81479705/index.html
Scores
CVSS v3
4.3
EPSS
0.0034
EPSS Percentile
25.9%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-522
Status
published
Products (4)
kingjim/sma3
< 1.20
kingjim/spc10_firmware
< 1.0.1.0
kingjim/tepura_pro_sr-7900p_firmware
< 1.030
kingjim/tepura_pro_sr5900p_firmware
< 1.080
Published
Jan 17, 2022
Tracked Since
Feb 18, 2026