Vulnerability CVE-2022-22144


Published: 2022-08-05   Modified: 2022-08-06

Description:
A hard-coded password vulnerability exists in the libcommonprod.so prod_change_root_passwd functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. During system startup this functionality is always called, leading to a known root password. An attacker does not have to do anything to trigger this vulnerability.

Type:

CWE-259

(Use of Hard-coded Password)

 References:
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1459

Copyright 2022, cxsecurity.com

 

Back to Top