What is CVE-2022-33174?

CVE-2022-33174 is a critical-severity vulnerability in N/a. CVSS score: 9.8/10. Published 2022-06-13.

How severe is CVE-2022-33174?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Is CVE-2022-33174 known to be exploited?

15 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2022-33174

Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interf…

EPSS: 0.720 (98.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

Henry4E36/CVE-2022-33174
ARPSyndicate/cve-scores
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates
NaInSec/CVE-PoC-in-GitHub
SYRTI/POC_
WhooAmii/POC_
20142995/nuclei-templates
manas3c/CVE-POC
nomi-sec/PoC-in-GitHub

References

gynvael.coldwind.pl/ (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-33174?: CVE-2022-33174 is a critical-severity vulnerability in N/a. CVSS score: 9.8/10. Published 2022-06-13.
How severe is CVE-2022-33174?: Critical severity. CVSS v3 base score is 9.8 out of 10.
Is CVE-2022-33174 known to be exploited?: 15 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.