CVE-2022-27179
MEDIUMRedlion DA50N Firmware - Insufficiently Protected Credentials
Title source: llmDescription
A malicious actor having access to the exported configuration file may obtain the stored credentials and thereby gain access to the protected resource. If the same passwords were used for other resources, further such assets may be compromised.
References (1)
Core 1
Core References
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03
Scores
CVSS v3
4.6
EPSS
0.0052
EPSS Percentile
40.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-522
Status
published
Products (1)
redlion/da50n_firmware
Published
Apr 20, 2022
Tracked Since
Feb 18, 2026