Vulnerabilities > Phicomm > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-10 | CVE-2022-25213 | Use of Hard-coded Credentials vulnerability in Phicomm products Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. | 6.8 |
| 2022-03-10 | CVE-2022-25215 | Unspecified vulnerability in Phicomm products Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) client MAC addresses to (or from) a list of banned hosts. | 5.3 |