CVE-2022-3681

MEDIUM

Motorola MR2600 < 1.0.18 - Unauthenticated WPS Pin Brute Force

Title source: llm

Description

A vulnerability has been identified in the MR2600 router v1.0.18 and earlier that could allow an attacker within range of the wireless network to successfully brute force the WPS pin, potentially allowing them unauthorized access to a wireless network.

References (1)

Core 1

Core References

Vendor Advisory

https://web.archive.org/web/20230317174952/https://help.motorolanetwork.com/hc/en-us/articles/9933302506523

Scores

CVSS v3 6.5

EPSS 0.0024

EPSS Percentile 14.9%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-287

Status published

Products (1)

motorola/mr2600 < 1.0.18

Published Oct 27, 2023

Tracked Since Feb 18, 2026