CVE-2022-1077

MEDIUM

TEM Flex-1085 Firmware - Information Disclosure

Title source: rule

Description

A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as problematic. This vulnerability log.cgi of the component Log Handler. A direct request leads to information disclosure of hardware information. The attack can be initiated remotely and does not require any form of authentication.

Exploits (2)

nomisec WORKING POC 4 stars

by brosck · poc

https://github.com/brosck/CVE-2022-1077

View Code ZIP pw:eip

inthewild WORKING POC

poc

https://github.com/mrempy/cve-2022-1077

View Code ZIP pw:eip

References (1)

[Third Party Advisory] https://vuldb.com/?id.194848

Scores

CVSS v3 5.3

EPSS 0.0318

EPSS Percentile 87.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE

CWE-200 CWE-425

Status published

Products (2)

tem/flex-1080_firmware 1.6.0

tem/flex-1085_firmware 1.6.0

Published Mar 29, 2022

Tracked Since Feb 18, 2026