CVE-2022-23768

HIGH

NIS-HAP11AC Firmware - Unauthenticated Remote Code Execution via Exposed Telnet Port

Title source: llm
STIX 2.1

Description

This Vulnerability in NIS-HAP11AC is caused by an exposed external port for the telnet service. Remote attackers use this vulnerability to induce all attacks such as source code hijacking, remote control of the device.

References (1)

Core 1
Core References

Scores

CVSS v3 8.8
EPSS 0.0084
EPSS Percentile 53.4%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-284
Status published
Products (1)
neoinfosys/nis-hap11ac_firmware 3.0 b20201117095902
Published Sep 19, 2022
Tracked Since Feb 18, 2026