10

CVE-2024-3765

A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530_R80X30-PQ_8M. Affected by this vulnerability is an unknown functionality of the component Sofia Service. The manipulation with the input ff00000000000000000000000000f103250000007b202252657422203a203130302c202253657373696f6e494422203a202230783022207d0a leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260605 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Vendorxiongmaitech
Product ahb7804r-mh-v2_firmware
Default Statusunknown
Version 4.02.r11.24340142.10001.131900.00000
Status affected
Version 4.02.r11.a8531149.10001.131900.00000
Status affected
Version 4.02.r11.c6380171.11201.141900.00000
Status affected
Version 4.03.r11.0000020x.11201.042300.0000005
Status affected
Version 4.03.r11.4912720b.11201.142300.0000004
Status affected
Version 4.03.r11.4912720d.11201.142300.0000004
Status affected
Version 4.03.r11.4915714a.12201.142300.0000000
Status affected
Version 5.00.r02.00030751.10010.348717.0000000
Status affected
Vendorxiongmaitech
Product ahb8008t-gl_firmware
Default Statusunknown
Version 4.03.r11.4915714a.12201.142300.0000000
Status affected
Vendorxiongmaitech
Product ahb8008t-gl_firmware
Default Statusunknown
Version 4.02.r11.a8531149.10001.131900.00000
Status affected
Vendorxiongmaitech
Product ahb8008t-gl_firmware
Default Statusunknown
Version 4.03.r11.4912720b.11201.142300.0000004
Status affected
Vendorxiongmaitech
Product ahb8008t-gl_firmware
Default Statusunknown
Version 4.03.r11.4912720d.11201.142300.0000004
Status affected
Vendorxiongmaitech
Product ahb8008t-gl_firmware
Default Statusunknown
Version 5.00.r02.00030751.10010.348717.0000000
Status affected
Vendorxiongmaitech
Product ahb8008t-gl_firmware
Default Statusunknown
Version 4.02.r11.c6380171.11201.141900.00000
Status affected
Vendorxiongmaitech
Product ahb8008t-gl_firmware
Default Statusunknown
Version 4.03.r11.0000020x.11201.042300.0000005
Status affected
Vendorxiongmaitech
Product ahb8008t-gl_firmware
Default Statusunknown
Version 4.02.r11.24340142.10001.131900.00000
Status affected
Vendorxiongmaitech
Product ahb8004t-gl_firmware
Default Statusunknown
Version 4.03.r11.4915714a.12201.142300.0000000
Status affected
Vendorxiongmaitech
Product ahb8004t-gl_firmware
Default Statusunknown
Version 4.02.r11.a8531149.10001.131900.00000
Status affected
Vendorxiongmaitech
Product ahb8004t-gl_firmware
Default Statusunknown
Version 4.03.r11.4912720b.11201.142300.0000004
Status affected
Vendorxiongmaitech
Product ahb8004t-gl_firmware
Default Statusunknown
Version 4.03.r11.4912720d.11201.142300.0000004
Status affected
Vendorxiongmaitech
Product ahb8004t-gl_firmware
Default Statusunknown
Version 5.00.r02.00030751.10010.348717.0000000
Status affected
Vendorxiongmaitech
Product ahb8004t-gl_firmware
Default Statusunknown
Version 4.02.r11.c6380171.11201.141900.00000
Status affected
Vendorxiongmaitech
Product ahb8004t-gl_firmware
Default Statusunknown
Version 4.03.r11.0000020x.11201.042300.0000005
Status affected
Vendorxiongmaitech
Product ahb8004t-gl_firmware
Default Statusunknown
Version 4.02.r11.24340142.10001.131900.00000
Status affected
Vendorxiongmaitech
Product xm530_r80x30-pq_8m_firmware
Default Statusunknown
Version 4.03.r11.4915714a.12201.142300.0000000
Status affected
Vendorxiongmaitech
Product xm530_r80x30-pq_8m_firmware
Default Statusunknown
Version 4.02.r11.a8531149.10001.131900.00000
Status affected
Vendorxiongmaitech
Product xm530_r80x30-pq_8m_firmware
Default Statusunknown
Version 4.03.r11.4912720b.11201.142300.0000004
Status affected
Vendorxiongmaitech
Product xm530_r80x30-pq_8m_firmware
Default Statusunknown
Version 4.03.r11.4912720d.11201.142300.0000004
Status affected
Vendorxiongmaitech
Product xm530_r80x30-pq_8m_firmware
Default Statusunknown
Version 5.00.r02.00030751.10010.348717.0000000
Status affected
Vendorxiongmaitech
Product xm530_r80x30-pq_8m_firmware
Default Statusunknown
Version 4.02.r11.c6380171.11201.141900.00000
Status affected
Vendorxiongmaitech
Product xm530_r80x30-pq_8m_firmware
Default Statusunknown
Version 4.03.r11.0000020x.11201.042300.0000005
Status affected
Vendorxiongmaitech
Product xm530_r80x30-pq_8m_firmware
Default Statusunknown
Version 4.02.r11.24340142.10001.131900.00000
Status affected
Vendorxiongmaitech
Product ahb7004t-gs-v3_firmware
Default Statusunknown
Version 4.03.r11.4915714a.12201.142300.0000000
Status affected
Vendorxiongmaitech
Product ahb7004t-gs-v3_firmware
Default Statusunknown
Version 4.02.r11.a8531149.10001.131900.00000
Status affected
Vendorxiongmaitech
Product ahb7004t-gs-v3_firmware
Default Statusunknown
Version 4.03.r11.4912720b.11201.142300.0000004
Status affected
Vendorxiongmaitech
Product ahb7004t-gs-v3_firmware
Default Statusunknown
Version 4.03.r11.4912720d.11201.142300.0000004
Status affected
Vendorxiongmaitech
Product ahb7004t-gs-v3_firmware
Default Statusunknown
Version 5.00.r02.00030751.10010.348717.0000000
Status affected
Vendorxiongmaitech
Product ahb7004t-gs-v3_firmware
Default Statusunknown
Version 4.02.r11.c6380171.11201.141900.00000
Status affected
Vendorxiongmaitech
Product ahb7004t-gs-v3_firmware
Default Statusunknown
Version 4.03.r11.0000020x.11201.042300.0000005
Status affected
Vendorxiongmaitech
Product ahb7004t-gs-v3_firmware
Default Statusunknown
Version 4.02.r11.24340142.10001.131900.00000
Status affected
Vendorxiongmaitech
Product ahb8032f-lme_firmware
Default Statusunknown
Version 4.03.r11.4915714a.12201.142300.0000000
Status affected
Vendorxiongmaitech
Product ahb8032f-lme_firmware
Default Statusunknown
Version 4.02.r11.a8531149.10001.131900.00000
Status affected
Vendorxiongmaitech
Product ahb8032f-lme_firmware
Default Statusunknown
Version 4.03.r11.4912720b.11201.142300.0000004
Status affected
Vendorxiongmaitech
Product ahb8032f-lme_firmware
Default Statusunknown
Version 4.03.r11.4912720d.11201.142300.0000004
Status affected
Vendorxiongmaitech
Product ahb8032f-lme_firmware
Default Statusunknown
Version 5.00.r02.00030751.10010.348717.0000000
Status affected
Vendorxiongmaitech
Product ahb8032f-lme_firmware
Default Statusunknown
Version 4.02.r11.c6380171.11201.141900.00000
Status affected
Vendorxiongmaitech
Product ahb8032f-lme_firmware
Default Statusunknown
Version 4.03.r11.0000020x.11201.042300.0000005
Status affected
Vendorxiongmaitech
Product ahb8032f-lme_firmware
Default Statusunknown
Version 4.02.r11.24340142.10001.131900.00000
Status affected
Vendorxiongmaitech
Product ahb7004t-mhv2_firmware
Default Statusunknown
Version 4.03.r11.4915714a.12201.142300.0000000
Status affected
Vendorxiongmaitech
Product ahb7004t-mhv2_firmware
Default Statusunknown
Version 4.02.r11.a8531149.10001.131900.00000
Status affected
Vendorxiongmaitech
Product ahb7004t-mhv2_firmware
Default Statusunknown
Version 4.03.r11.4912720b.11201.142300.0000004
Status affected
Vendorxiongmaitech
Product ahb7004t-mhv2_firmware
Default Statusunknown
Version 4.03.r11.4912720d.11201.142300.0000004
Status affected
Vendorxiongmaitech
Product ahb7004t-mhv2_firmware
Default Statusunknown
Version 5.00.r02.00030751.10010.348717.0000000
Status affected
Vendorxiongmaitech
Product ahb7004t-mhv2_firmware
Default Statusunknown
Version 4.02.r11.c6380171.11201.141900.00000
Status affected
Vendorxiongmaitech
Product ahb7004t-mhv2_firmware
Default Statusunknown
Version 4.03.r11.0000020x.11201.042300.0000005
Status affected
Vendorxiongmaitech
Product ahb7004t-mhv2_firmware
Default Statusunknown
Version 4.02.r11.24340142.10001.131900.00000
Status affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.22% 0.449
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
cna@vuldb.com 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cna@vuldb.com 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.