WiJungle NGFW Version U250 was discovered to be vulnerable to No Rate Limit attack, allowing the attacker to brute force the admin password leading to Account Take Over.
References
Link | Resource |
---|---|
http://wijungle.com | Product |
https://hexisanoob.gitbook.io/hexisanoob/cves/cve-2022-33106 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
14 Oct 2022, 20:17
Type | Values Removed | Values Added |
---|---|---|
First Time |
Wijungle u250
Wijungle u250 Firmware Wijungle |
|
CWE | CWE-307 | |
References | (MISC) http://wijungle.com - Product | |
References | (MISC) https://hexisanoob.gitbook.io/hexisanoob/cves/cve-2022-33106 - Exploit, Third Party Advisory | |
CPE | cpe:2.3:h:wijungle:u250:-:*:*:*:*:*:*:* cpe:2.3:o:wijungle:u250_firmware:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
12 Oct 2022, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-12 14:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-33106
Mitre link : CVE-2022-33106
CVE.ORG link : CVE-2022-33106
JSON object : View
Products Affected
wijungle
- u250
- u250_firmware
CWE
CWE-307
Improper Restriction of Excessive Authentication Attempts