CVE-2021-22667

9.8CRITICAL

Key Information

Vendor: Advantech
Status: Bb-eswgp506-2sfp-t
Vendor: CVE Published:; 24 February 2021

Summary

BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable due to the use of hard-coded credentials, which may allow an attacker to gain unauthorized access and permit the execution of arbitrary code on the BB-ESWGP506-2SFP-T (versions 1.01.01 and prior).

Affected Version(s)

BB-ESWGP506-2SFP-T = Versions 1.01.09 and prior

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Feb 24, 2021
Vulnerability Reserved.
Jan 5, 2021

Collectors

NVD DatabaseMitre Database