CVE-2022-39997

HIGH

Teldats Router - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-39997. PoCs published by uyhacked.

AI-analyzed exploit summary This repository contains a functional Python script that exploits CVE-2022-39997, a weak password vulnerability in Teldat RS123/RS123w routers. The script attempts to authenticate using default credentials (root:root) across multiple services (Telnet, SSH, HTTP, HTTPS, FTP) and reports successful logins.

Description

A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote attacker to escalate privileges

Exploits (1)

github WORKING POC
by uyhacked · pythonpoc
https://github.com/uyhacked/Teldat-Router-CVE-2022-POC/tree/main/CVE-2022-39997.py

This repository contains a functional Python script that exploits CVE-2022-39997, a weak password vulnerability in Teldat RS123/RS123w routers. The script attempts to authenticate using default credentials (root:root) across multiple services (Telnet, SSH, HTTP, HTTPS, FTP) and reports successful logins.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Teldat RS123/RS123w routers
No auth needed
Prerequisites: network access to the target router · default credentials not changed by administrator
devstral-2 · analyzed Jun 09, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 8.0
EPSS 0.0030
EPSS Percentile 21.1%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-521
Status published
Published Aug 27, 2024
Tracked Since Feb 18, 2026