← Zuruck zu CVEs
CVE-2023-34671
HIGH8.8
Beschreibung
Improper Access Control leads to privilege escalation affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role in the user profile. An attack could occur over the public Internet in some cases.
CVE Details
CVSS v3.1 Bewertung8.8
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht6/23/2023
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
elenos:etg150_fmelenos:etg150_fm_firmware
Referenzen
http://elenos.com(cve@mitre.org)
http://elenos.com(af854a3a-2127-422b-91ae-364da2661108)
https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-34671(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.