CVE-2022-23768 HIGH

CVE-2022-23768: Neo Information Sys. NIS-HAP11AC remote access and manipulation vulnerability

Vendor Neo Information Systems Co., Ltd

Product Home AP NIS-HAP11AC

Weakness CWE-284

Published September 19, 2022

Last update June 3, 2025

View on NVD All CVEs

CVSS base score

8.8/10

Attack vector Adjacent

Attack complexity Low

Privileges required None

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

This Vulnerability in NIS-HAP11AC is caused by an exposed external port for the telnet service. Remote attackers use this vulnerability to induce all attacks such as source code hijacking, remote control of the device.

Key dates

02Disclosure timeline

September 19, 2022 CVE published

June 3, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-23768

Related vulnerabilities

Identifiers

CVE CVE-2022-23768

CWE CWE-284

CVSS 8.8 / HIGH

Affected versions