Vulnerabilities > Owllabs > Meeting OWL PRO Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-02 | CVE-2022-31460 | Use of Hard-coded Credentials vulnerability in Owllabs Meeting OWL PRO Firmware 5.2.0.15 Owl Labs Meeting Owl 5.2.0.15 allows attackers to activate Tethering Mode with hard-coded hoothoot credentials via a certain c 150 value. | 7.4 |
| 2022-06-02 | CVE-2022-31462 | Use of Hard-coded Credentials vulnerability in Owllabs Meeting OWL PRO Firmware 5.2.0.15 Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the device via a backdoor password (derived from the serial number) that can be found in Bluetooth broadcast data. | 8.8 |
| 2022-06-02 | CVE-2022-31463 | Improper Authentication vulnerability in Owllabs Meeting OWL PRO Firmware 5.2.0.15 Owl Labs Meeting Owl 5.2.0.15 does not require a password for Bluetooth commands, because only client-side authentication is used. | 7.1 |