CVE-2026-22543

Medium CVSS: 6.9

The credentials required to access the device's web server are sent in base64 within the HTTP headers. Since base64 is not considered a strong cipher, an attacker could intercept the web request handling the login and obtain the credentials

Vendor

Product

CWE

CWE-261

Yayın Tarihi

2026-01-07 17:16:04

Güncelleme

2026-01-08 18:08:54

Source Identifier

50b5080a-775f-442e-83b5-926b5ca517b6

KEV Date Added

Kategoriler

CWE-261 MEDIUM 2026

Referanslar

https://cds.thalesgroup.com/en