CVE-2022-47618

Summary

Merit LILIN AH55B04 & AH55B08 DVR firm has hard-coded administrator credentials. An unauthenticated remote attacker can use these credentials to log in administrator page, to manipulate system or disrupt service.

Affected Software

VendorProductVersion RangeStatus
Merit Lilin Ent. Co., Ltd.AH55B04 DVR firmwareunspecified <= SVN#7570affected
Merit Lilin Ent. Co., Ltd.AH55B08 DVR firmwareunspecified <= SVN#7570affected

Weaknesses

  • CWE-798: CWE-798 Use of Hard-coded Credentials

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References