CVE-2022-3681 MEDIUM

CVE-2022-3681

Vendor Motorola
Product MR2600 Router
Weakness CWE-287 · Improper authentication
Published October 27, 2023
Last update September 9, 2024

CVSS base score

6.5/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

A vulnerability has been identified in the MR2600 router v1.0.18 and earlier that could allow an attacker within range of the wireless network to successfully brute force the WPS pin, potentially allowing them unauthorized access to a wireless network.

Key dates

02Disclosure timeline

October 27, 2023 CVE published
September 9, 2024 Record updated