← Retour aux CVEs
CVE-2024-8887
CRITICAL10.0
Description
CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS) attack if an attacker with access to the web service bypasses the authentication mechanisms on the login page, allowing the attacker to use all the functionalities implemented at web level that allow interacting with the device.
Details CVE
Score CVSS v3.110.0
SeveriteCRITICAL
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie9/18/2024
Derniere modification10/1/2024
Sourcenvd
Observations honeypot0
Produits affectes
circutor:q-smtcircutor:q-smt_firmware
Faiblesses (CWE)
CWE-1284CWE-1284
References
https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-circutor-products(cve-coordination@incibe.es)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.