Unrated severityNVD Advisory· Published Oct 21, 2022· Updated May 7, 2025

ORing net IAP-420(+) Hidden Functionality

CVE-2022-3203

Description

On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to the device via LAN or WiFi with hardcoded credentials and get an administrative shell. These credentials are reset to defaults with every reboot.

Affected products

Oring/Iap 420(+)v5
Range: FW 2.0m

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

mads.uniud.it/2022/09/lord-of-the-orings/mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000