Cyber Posture

CVE-2022-50803

Critical · Public PoC

Published: 30 December 2025

Modified: 15 April 2026
KEV Added
Patch
CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0010 (27.6th percentile)
Risk Priority: 20 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-50803 is a critical-severity Use of Default Credentials (CWE-1392) vulnerability. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Default Accounts (T1078.001). The CVE ranks at the 27.6th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-2 (Account Management) and IA-5 (Authenticator Management).

Threat & Defense at a Glance

What attackers do: exploitation maps to Default Accounts (T1078.001).
What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) · AI

prevent: Directly requires changing default authenticators prior to first use, preventing unauthorized administrative access via known credentials.

prevent: Mandates management of accounts including creation, modification, and disabling of unnecessary or default accounts to block unauthorized access.

prevent: Enforces secure configuration settings that include non-default credentials and restrictive access configurations for the device.

MITRE ATT&CK Enterprise Techniques · AI

T1078.001 Default Accounts · Stealth
Adversaries may obtain and abuse credentials of a default account as a means of gaining Initial Access, Persistence, Privilege Escalation, or Defense Evasion.

Why these techniques?

The vulnerability involves default credentials enabling unauthorized administrative access, directly mapping to T1078.001: Default Accounts.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

JM-DATA ONU JF511-TV version 1.0.67 uses default credentials that allow attackers to gain unauthorized access to the device with administrative privileges.

Deeper analysis · AI

CVE-2022-50803 is a critical vulnerability in the JM-DATA ONU JF511-TV version 1.0.67, where the device uses default credentials that permit unauthorized access with administrative privileges. This issue, classified under CWE-1392, carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), reflecting its high severity due to network accessibility, low attack complexity, and potential for complete compromise of confidentiality, integrity, and availability.

Remote attackers require no privileges, user interaction, or special conditions to exploit this flaw by simply authenticating with the default credentials. Upon success, they obtain full administrative control over the ONU device, enabling arbitrary actions such as configuration changes, data extraction, or disruption of network services.

Advisories on this vulnerability are published by CXSecurity (WLB-2022060058), IBM X-Force Exchange, Packet Storm Security, and VulnCheck, with the manufacturer's site at https://www.jm-data.com/. Security practitioners should review these references for guidance on mitigations, such as changing default credentials or applying any available firmware updates.

Details

CWE(s)

Affected Products

JM-DATA ONU JF511-TV
inferred from references and description; NVD did not file a CPE for this CVE

CVEs Like This One

CVE-2025-2398 · Shared CWE-1392
CVE-2025-8731 · Shared CWE-1392
CVE-2026-1803 · Shared CWE-1392
CVE-2025-54756 · Shared CWE-1392
CVE-2025-1160 · Shared CWE-1392
CVE-2025-10542 · Shared CWE-1392
CVE-2026-26341 · Shared CWE-1392
CVE-2026-27751 · Shared CWE-1392
CVE-2025-0482 · Shared CWE-1392
CVE-2023-27573 · Shared CWE-1392

References