Rtl8111Fp Cg Firmware
CVE-2022-32966
MEDIUM
Severity by source
AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from Vendor (cert) · only source for this CVE.
CVSS VectorVendor: cert
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionCVE.org
RTL8168FP-CG Dash remote management function has missing authorization. An unauthenticated attacker within the adjacent network can connect to DASH service port to disrupt service.
AnalysisAI
RTL8168FP-CG Dash remote management function has missing authorization. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Missing Authorization (CWE-862), which allows attackers to access resources or perform actions without proper authorization checks. RTL8168FP-CG Dash remote management function has missing authorization. An unauthenticated attacker within the adjacent network can connect to DASH service port to disrupt service. Affected products include: Realtek Rtl8111Fp-Cg Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement role-based access control, validate authorization on every request server-side, apply principle of least privilege.
More in Rtl8111Fp Cg Firmware
View allSame weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today