PT-2022-23264 · Nokia · Nokia Fastmile
Published
2022-12-21
·
Updated
2022-12-28
·
CVE-2022-36222
CVSS v3.1
8.4
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Nokia Fastmile 3tg00118abad52 devices (affected versions not specified)
Description
The issue concerns a default hardcoded admin account with the credentials admin:
Nq+L5st7o. This account can be used locally to access the web admin interface.Recommendations
For Nokia Fastmile 3tg00118abad52 devices, change the default admin account credentials as soon as possible to prevent unauthorized access.
Consider restricting local access to the web admin interface until the default credentials are changed.
As a temporary workaround, consider disabling local access to the web admin interface until the issue is resolved.
Exploit
Fix
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nokia Fastmile