Vulnerabilities > Patlite > NHL 3Fb1 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-29 | CVE-2022-38625 | Insufficient Verification of Data Authenticity vulnerability in Patlite products Patlite NH-FB v1.46 and below was discovered to contain insufficient firmware validation during the upgrade firmware file upload process. | 8.8 |
| 2019-03-21 | CVE-2018-18473 | Use of Hard-coded Credentials vulnerability in Patlite products A hidden backdoor on PATLITE NH-FB Series devices with firmware version 1.45 or earlier, NH-FV Series devices with firmware version 1.10 or earlier, and NBM Series devices with firmware version 1.09 or earlier allow attackers to enable an SSH daemon via the "kankichi" or "kamiyo4" password to the _secret1.htm URI. | 9.8 |