CVE-2022-35513
CVE-2022-35513
Vexday Risk Score
23Low
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Proof of concept
Popular PoC on GitHub (2 stars) — exploitation code widely available.
CVSS —EPSS 4.4%KEV nãoPoC públicaNuclei —Metasploit —Patch —
Lifecycle
05 Jul 2022Public PoC
07 Sep 2022Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage.
Affected products
n/a · n/apublic PoCs found — 3
githubgithub.com/p1ckzi/CVE-2022-35513★ 2cve_referencepacketstormsecurity.com/files/168428/Blink1Control2-2.2.7-Weak-Password-Encryption.htmlunverifiedexploitdbwww.exploit-db.com/exploits/51014unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.