CVE-2022-47618

Merit LILIN AH55B04 & AH55B08 DVR firm has hard-coded administrator credentials. An unauthenticated remote attacker can use these credentials to log in administrator page, to manipulate system or disrupt service.
References
Link Resource
https://www.twcert.org.tw/tw/cp-132-6825-6691e-1.html Third Party Advisory VDB Entry
https://www.twcert.org.tw/tw/cp-132-6825-6691e-1.html Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:meritlilin:ah55b08_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:meritlilin:ah55b08:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:meritlilin:ah55b04_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:meritlilin:ah55b04:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:32

Type Values Removed Values Added
New CVE

Information

Published : 2023-01-03 03:15

Updated : 2024-11-21 07:32


NVD link : CVE-2022-47618

Mitre link : CVE-2022-47618

CVE.ORG link : CVE-2022-47618


JSON object : View

Products Affected

meritlilin

  • ah55b04_firmware
  • ah55b08_firmware
  • ah55b08
  • ah55b04
CWE
CWE-798

Use of Hard-coded Credentials