CVE-2022-39989

9.8 CRITICAL

📋 TL;DR

Fighting Cock Information System 1.0 uses hardcoded default credentials that administrators cannot change during installation. This allows attackers to gain administrative access to the system. All installations of this software are affected unless manually secured.

💻 Affected Systems

Products:
  • Fighting Cock Information System
Versions: 1.0
Operating Systems: Any OS running PHP web applications
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations are vulnerable. The system does not prompt for credential changes during setup.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise allowing data theft, modification, deletion, or installation of backdoors/malware.

🟠 Likely Case

Unauthorized administrative access leading to data exposure and system manipulation.

🟢 If Mitigated

No impact if default credentials are changed or access controls are properly implemented.

🌐 Internet-Facing: HIGH - Internet-facing instances are directly accessible to attackers.
🏢 Internal Only: MEDIUM - Internal instances are vulnerable to insider threats or compromised internal systems.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires only knowledge of default credentials and access to login page.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: N/A

Vendor Advisory: N/A

Restart Required: No

Instructions:

No official patch available. Manually change default credentials in the application configuration/database.

🔧 Temporary Workarounds

Change Default Credentials

all

Manually change the default administrator username and password in the application.

N/A - Manual configuration required

Implement Network Access Controls

all

Restrict access to the application using firewalls or network segmentation.

N/A - Network configuration required

🧯 If You Can't Patch

  • Immediately change all default credentials to strong, unique passwords
  • Implement IP whitelisting to restrict access to trusted networks only

🔍 How to Verify

Check if Vulnerable:

Attempt to log in using default credentials (admin/admin or similar) at the application login page.

Check Version:

Check application version in admin panel or about page, or examine source code files.

Verify Fix Applied:

Verify that default credentials no longer work and only strong, unique credentials provide access.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed login attempts followed by successful login with default credentials
  • Administrative actions from unexpected IP addresses

Network Indicators:

  • Unauthenticated access to admin endpoints
  • Traffic patterns indicating credential guessing

SIEM Query:

source="web_logs" (username="admin" OR password="admin") AND action="login_success"
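
The two log indicators above can also be checked offline against an exported authentication log. The following is an added example, not code from the vendor or from this advisory: the log line format, the trusted source address, the threshold and the time window are all assumptions, and because properly configured logs do not record passwords, it watches the default account name (admin) rather than the credential itself.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in an assumed format: "<ISO time> <src ip> <username> <result>"
SAMPLE_LOG = """\
2024-05-01T10:00:01 203.0.113.7 root login_failed
2024-05-01T10:00:03 203.0.113.7 administrator login_failed
2024-05-01T10:00:05 203.0.113.7 admin login_failed
2024-05-01T10:00:08 203.0.113.7 admin login_success
2024-05-01T10:05:00 10.0.0.15 admin login_success
2024-05-01T11:00:00 198.51.100.9 admin login_success
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (login_failed|login_success)$")
TRUSTED_ADMIN_SOURCES = {"10.0.0.15"}  # assumption: known admin workstations
WATCHED_ACCOUNTS = {"admin"}           # default account name mentioned on this page
FAIL_THRESHOLD = 3                     # assumption: failures that count as guessing
WINDOW = timedelta(minutes=5)          # assumption: look-back window per source IP

def detect(log_text):
    """Return a list of (timestamp, ip, reason) alerts for watched accounts."""
    recent_failures = defaultdict(deque)  # ip -> timestamps of recent failures
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines instead of aborting the scan
        ts = datetime.fromisoformat(m.group(1))
        ip, user, result = m.group(2), m.group(3), m.group(4)
        fails = recent_failures[ip]
        while fails and ts - fails[0] > WINDOW:
            fails.popleft()  # drop failures older than the window
        if result == "login_failed":
            fails.append(ts)
            continue
        if user in WATCHED_ACCOUNTS:
            if len(fails) >= FAIL_THRESHOLD:
                alerts.append((m.group(1), ip, "guessing_then_success"))
            elif ip not in TRUSTED_ADMIN_SOURCES:
                alerts.append((m.group(1), ip, "admin_login_from_unexpected_ip"))
        fails.clear()  # a success resets the failure streak for this source
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```
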
