Main Vulnerability Database Vulnerabilities #VU66030

Information disclosure in LinkHub Mesh Wifi - CVE-2022-27630

Published: August 3, 2022

Vulnerability identifier: #VU66030

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-27630

CWE-ID: CWE-200

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
LinkHub Mesh Wifi

Software vendor:
TCL

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application in the confctl_get_master_wlan functionality. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1504

Information disclosure in LinkHub Mesh Wifi - CVE-2022-27630

Description

Remediation

External links

Please verify you're human