VYPR
Critical severity9.8NVD Advisory· Published Oct 21, 2022· Updated Jun 17, 2026

CVE-2022-3203

CVE-2022-3203

Description

On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to the device via LAN or WiFi with hardcoded credentials and get an administrative shell. These credentials are reset to defaults with every reboot.

Affected products

2
  • Oring/Iap 420(+)llm-fuzzy2 versions
    = 2.0m+ 1 more
    • (no CPE)range: = 2.0m
    • (no CPE)range: FW 2.0m

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.