7.8

CVE-2023-7209

Exploit
A vulnerability was found in Uniway Router up to 2.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boaform/device_reset.cgi of the component Device Reset Handler. The manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-249758 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
UniwayinfoUw-302vp Firmware Version <= 2.0
   UniwayinfoUw-302vp Version-
UniwayinfoUw-301vpw Firmware Version <= 2.0
   UniwayinfoUw-301vpw Version-
UniwayinfoUw-311vpw Firmware Version <= 2.0
   UniwayinfoUw-311vpw Version-
UniwayinfoUw-101x Firmware Version <= 2.0
   UniwayinfoUw-101x Version-
UniwayinfoUw-323dac Firmware Version <= 2.0
   UniwayinfoUw-323dac Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.07% 0.218
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
cna@vuldb.com 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
cna@vuldb.com 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE-404 Improper Resource Shutdown or Release

The product does not release or incorrectly releases a resource before it is made available for re-use.

https://vuldb.com/?ctiid.249758
Third Party Advisory
VDB Entry
Permissions Required
https://vuldb.com/?id.249758
Third Party Advisory
VDB Entry
Permissions Required