Skip to main content

Sgsetup

1 CVEs product

Monthly

CVE-2022-25569 CRITICAL POC Act Now

Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across installations, allowing unauthenticated attackers to login as root users via extracting a key from the software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Sgsetup
NVD
CVSS 3.1
9.8
EPSS
1.1%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across installations, allowing unauthenticated attackers to login as root users via extracting a key from the software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Sgsetup
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy