{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-16T22:16:42.214","vulnerabilities":[{"cve":{"id":"CVE-2022-37857","sourceIdentifier":"cve@mitre.org","published":"2022-09-08T16:15:08.937","lastModified":"2024-11-21T07:15:16.667","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"bilde2910 Hauk v1.6.1 requires a hardcoded password which by default is blank. This hardcoded password is hashed but stored within the config.php file server-side as well as in clear-text on the android client device by default."},{"lang":"es","value":"bilde2910 Hauk versión v1.6.1, requiere una contraseña embebida que, de forma predeterminada, está en blanco. Esta contraseña embebida está cifrada, pero es almacenada en el lado del servidor del archivo config.php, así como en texto sin cifrar en el dispositivo cliente de Android de forma predeterminada"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-312"},{"lang":"en","value":"CWE-798"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hauk_project:hauk:1.6.1:*:*:*:*:*:*:*","matchCriteriaId":"02566E9E-AFE8-4920-844D-09F03C7F8F68"}]}]}],"references":[{"url":"https://gainsec.com/2022/08/07/cve-2022-hardcoded-creds-weak-password-hauk-android-location-sharing/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/bilde2910/Hauk/issues/187","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://gainsec.com/2022/08/07/cve-2022-hardcoded-creds-weak-password-hauk-android-location-sharing/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/bilde2910/Hauk/issues/187","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]}]}}]}