Known Vulnerabilities
CVE-2022-32967
RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information.
LOW
CVSS 2.1
Published Nov 29, 2022
CVE-2022-32966
RTL8168FP-CG Dash remote management function has missing authorization. An unauthenticated attacker within the adjacent network can connect to DASH service port to disrupt service.
MEDIUM
CVSS 6.5
Published Nov 29, 2022