CVE-2022-47557

MEDIUM Year: 2022
CVSS v3 Score
6.1
Medium
Weakness Type
CWE-916
View all →

Vulnerability Description

Vulnerability in ekorCCP and ekorRCI that could allow an attacker with access to the network where the device is located to decrypt the credentials of privileged users, and subsequently gain access to the system to perform malicious actions.

Related Vulnerabilities

CVE-2017-11131

MEDIUM
CVSS:5.9(Medium)

An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. For authentication, the user password is hashed directly with SHA...

CWE-9162017

CVE-2023-27580

MEDIUM
CVSS:5.9(Medium)

CodeIgniter Shield provides authentication and authorization for the CodeIgniter 4 PHP framework. An improper implementation was found in the password storage process. All hashed passwords stored in S...

CWE-9162023

CVE-2022-24041

MEDIUM
CVSS:6.5(Medium)

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All ve...

CWE-9162022

CVE-2025-24340

MEDIUM
CVSS:6.5(Medium)

A vulnerability in the users configuration file of ctrlX OS may allow a remote authenticated (low-privileged) attacker to recover the plaintext passwords of other users.

CWE-9162025

CVE-2006-1058

MEDIUM
CVSS:5.5(Medium)

BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.

CWE-9162006

CVE-2014-0083

MEDIUM
CVSS:5.5(Medium)

The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords.

CWE-9162014