Hard-coded Default Password Vulnerability in RTL8111EP-CG/RTL8111FP-CG DASH Function

Hard-coded Default Password Vulnerability in RTL8111EP-CG/RTL8111FP-CG DASH Function

CVE-2022-32967 · LOW Severity

CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information.

Learn more about our Cis Benchmark Audit For Server Software.