CVE-2022-33106

WiJungle NGFW Version U250 was discovered to be vulnerable to No Rate Limit attack, allowing the attacker to brute force the admin password leading to Account Take Over.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:wijungle:u250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:wijungle:u250:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:07

Type Values Removed Values Added
References () http://wijungle.com - Product () http://wijungle.com - Product
References () https://hexisanoob.gitbook.io/hexisanoob/cves/cve-2022-33106 - Exploit, Third Party Advisory () https://hexisanoob.gitbook.io/hexisanoob/cves/cve-2022-33106 - Exploit, Third Party Advisory

14 Oct 2022, 20:17

Type Values Removed Values Added
New CVE

Information

Published : 2022-10-12 14:15

Updated : 2024-11-21 07:07


NVD link : CVE-2022-33106

Mitre link : CVE-2022-33106

CVE.ORG link : CVE-2022-33106


JSON object : View

Products Affected

wijungle

  • u250_firmware
  • u250
CWE
CWE-307

Improper Restriction of Excessive Authentication Attempts