Vulnerability: Password Reset via Legitimate Recovery Function in NetMan 204

Vulnerability: Password Reset via Legitimate Recovery Function in NetMan 204

CVE-2022-47891 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

All versions of NetMan 204 allow an attacker that knows the MAC and serial number of the device to reset the administrator password via the legitimate recovery function.

Learn more about our Web Application Penetration Testing UK.