CVE Vulnerabilities

CVE-2022-0184

Insufficiently Protected Credentials

Published: Jan 17, 2022 | Modified: Jan 28, 2022
CVSS 3.x
4.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS 2.x
3.3 LOW
AV:A/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Insufficiently protected credentials vulnerability in TEPRA PRO SR5900P Ver.1.080 and earlier and TEPRA PRO SR-R7900P Ver.1.030 and earlier allows an attacker on the adjacent network to obtain credentials for connecting to the Wi-Fi access point with the infrastructure mode.

Weakness

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Affected Software

Name Vendor Start Version End Version
Tepura_pro_sr5900p_firmware Kingjim * 1.080

Potential Mitigations

References