8.8
CVE-2023-38132
- EPSS 0.3%
- Veröffentlicht 18.08.2023 10:15:11
- Zuletzt bearbeitet 21.11.2024 08:12:55
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
LoginLAN-W451NGR all versions provided by LOGITEC CORPORATION contains an improper access control vulnerability, which allows an unauthenticated attacker to log in to telnet service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.3% | 0.212 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
https://www.elecom.co.jp/news/security/20230810-01/
https://jvn.jp/en/vu/JVNVU91630351/