Vulnerability Database

296,760

Total vulnerabilities in the database

CVE-2022-2822

An attacker can freely brute force username and password and can takeover any account. An attacker could easily guess user passwords and gain access to user and administrative accounts.

Published: Aug 15, 2022
Updated: May 9, 2024
CVE: CVE-2022-2822
GHSA: GHSA-5w5x-q9p5-9qg3
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-307

Affected Software
References

Software	From	Fixed in
octoprint / octoprint	-	1.9.0
OctoPrint	-	1.7.3.x

https://github.com/octoprint/octoprint/commit/82c892ba40b3741d1b7711d949e56af64f5bc2de
https://huntr.dev/bounties/6369f355-e6ef-4469-af75-0f6ff00cde3d

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo