Every CVE whose affected-product data names Phicomm K3c Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2022-25219 — CVSS 8.4 (high): A null byte interaction error has been discovered in the code that the telnetd_startup daemon uses to construct a pair of ephemeral…
CVE-2022-25218 — CVSS 8.1 (high): The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local…
CVE-2022-25217 — CVSS 7.8 (high): Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on the local area network to obtain a root…
CVE-2022-25214 — CVSS 7.4 (high): Improper access control on the LocalClientList.asp interface allows an unauthenticated remote attacker to obtain sensitive information…
CVE-2022-25213 — CVSS 6.8 (medium): Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root…
CVE-2022-25215 — CVSS 5.3 (medium): Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) client MAC…