CVE-2022-0184

MEDIUM

TEPRA PRO SR5900P <1.080-1.030 - Info Disclosure

Title source: llm

Description

Insufficiently protected credentials vulnerability in 'TEPRA' PRO SR5900P Ver.1.080 and earlier and 'TEPRA' PRO SR-R7900P Ver.1.030 and earlier allows an attacker on the adjacent network to obtain credentials for connecting to the Wi-Fi access point with the infrastructure mode.

References (2)

[Third Party Advisory] https://jvn.jp/en/jp/JVN81479705/index.html

[Patch, Vendor Advisory] https://www.kingjim.co.jp/download/security/#sr01

Scores

CVSS v3 4.3

EPSS 0.0007

EPSS Percentile 21.5%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Classification

CWE

CWE-522

Status published

Affected Products (4)

kingjim/tepura_pro_sr5900p_firmware < 1.080

kingjim/tepura_pro_sr-7900p_firmware < 1.030

kingjim/spc10_firmware < 1.0.1.0

kingjim/sma3 < 1.20

Timeline

Published Jan 17, 2022

Tracked Since Feb 18, 2026