PT-2023-15400 · Ekorrci+1

Jacinto Moral Matellán · Published 2023-09-19 · Updated 2024-08-03 · CVE-2022-47558

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

ekorCCP (affected versions not specified)
ekorRCI (affected versions not specified)

Description

The FTP service can be accessed using default credentials. This can allow an attacker to modify critical files, potentially leading to the creation of new users, deletion or modification of existing users, modification of configuration files, or the installation of rootkits or backdoors.

Recommendations

For ekorCCP, consider disabling access to the FTP service until a secure configuration or update is available. For ekorRCI, restrict the use of default credentials for the FTP service to minimize the risk of exploitation. As a temporary workaround, avoid using the FTP service with default credentials until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Access Control
Using Hardcoded Credentials

Related Identifiers

CVE-2022-47558

Affected Products

Ekorccp
Ekorrci