CVE-2022-33106

EUVD-2022-36161
WiJungle NGFW Version U250 was discovered to be vulnerable to No Rate Limit attack, allowing the attacker to brute force the admin password leading to Account Take Over.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
Affected Products (NVD)
VendorProductVersion
wijungleu250_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://wijungle.com
https://hexisanoob.gitbook.io/hexisanoob/cves/cve-2022-33106
http://wijungle.com
https://hexisanoob.gitbook.io/hexisanoob/cves/cve-2022-33106