CVE-2026-22906
CRITICALSeverity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
User credentials are stored using AES‑ECB encryption with a hardcoded key. An unauthenticated remote attacker obtaining the configuration file can decrypt and recover plaintext usernames and passwords, especially when combined with the authentication bypass.
AnalysisAI
A device stores user credentials using AES-ECB encryption with a hard-coded key, allowing any attacker to decrypt all stored passwords.
Technical ContextAI
CWE-321 hard-coded cryptographic key used with AES-ECB mode (which doesn't hide patterns) for credential storage. Any attacker can extract and decrypt all credentials.
Affected ProductsAI
Affected device
RemediationAI
Apply firmware update. Use proper key management and AES-GCM or AES-CBC instead of ECB.
Same weakness CWE-321 – Use of Hard-coded Cryptographic Key
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today