CVSS 3.1 Score 6.5 of 10 (medium)


Published Oct 27, 2023
Updated: Nov 7, 2023
CWE ID 287


CVE-2022-3681 is a vulnerability found in the MR2600 router v1.0.18 and earlier versions. It allows an attacker within range of the wireless network to perform a brute force attack on the WPS pin, potentially gaining unauthorized access to the network. The vulnerability has a base severity rating of MEDIUM and a base score of 6.5 according to NIST's National Vulnerability Database (NVD). The exploitability score is 2.8, indicating a moderate level of difficulty for attackers to exploit this vulnerability. Although no privileges are required, this vulnerability does not require user interaction. The confidentiality impact is rated as HIGH, meaning that sensitive information could be compromised if exploited successfully. The attack vector is through an adjacent network and the attack complexity is low. There is no impact on integrity or availability. Remediation measures should include updating the MR2600 router firmware to the latest version available to mitigate this vulnerability and enhance network security.

Note: Additional information could be provided if available from other sources or further analysis of the CVE entry.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2022-3681 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options