CVE-2022-29525

Name of the Vulnerable Software and Affected Versions Rakuten Casa version AP F V1 4 1 Rakuten Casa version AP F V2 0 0

Description The issue is related to a hard-coded credential in Rakuten Casa, which may allow a remote unauthenticated attacker to log in with root privilege and perform arbitrary operations.

Recommendations For Rakuten Casa version AP F V1 4 1, update to a version that does not use hard-coded credentials to prevent unauthorized access. For Rakuten Casa version AP F V2 0 0, update to a version that does not use hard-coded credentials to prevent unauthorized access. As a temporary workaround, consider restricting access to the root account until a patch is available.