Vulnerabilities > CVE-2022-22512 - Unspecified vulnerability in Varta products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

varta

NVD

Published: 2023-03-23

Updated: 2024-11-21

Summary

Hard-coded credentials in Web-UI of multiple VARTA Storage products in multiple versions allows an unauthorized attacker to gain administrative access to the Web-UI via network.

Vulnerable Configurations

Part	Description	Count
OS	Varta Varta Element Backup Firmware - Varta Element S1 Firmware - Varta Element S2 Firmware - Varta Element S3 Firmware - Varta Element S3 Firmware * Varta Element S4 Firmware - Varta ONE L Firmware - Varta ONE XL Firmware - Varta Pulse Firmware -	9
Hardware	Varta Varta Element Backup - Varta Element S1 - Varta Element S2 - Varta Element S3 - Varta Element S4 - Varta ONE L - Varta ONE XL - Varta Pulse -	8

References

https://cert.vde.com/en/advisories/VDE-2022-061/
https://cert.vde.com/en/advisories/VDE-2022-061/