8.7
CVE-2024-58337
- EPSS 0.04%
- Veröffentlicht 30.12.2025 22:41:44
- Zuletzt bearbeitet 16.01.2026 19:16:15
- Quelle disclosure@vulncheck.com
- CVE-Watchlists
- Unerledigt
LoginAkuvox Smart Intercom S539 contains an improper access control vulnerability that allows users with 'User' privileges to modify API access settings and configurations. Attackers can exploit this vulnerability to escalate privileges and gain unauthorized access to administrative functionalities.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Akuvox ≫ S539 Firmware Version912.30.1.137
Akuvox ≫ S532 Firmware Version912.30.1.137
Akuvox ≫ X916 Firmware Version912.30.1.137
Akuvox ≫ X915 Firmware Version912.30.1.137
Akuvox ≫ X912 Firmware Version912.30.1.137
Akuvox ≫ R29 Firmware Version912.30.1.137
Akuvox ≫ E16c Firmware Version912.30.1.137
Akuvox ≫ R20k-2 Firmware Version912.30.1.137
Akuvox ≫ R20a-2 Firmware Version912.30.1.137
Akuvox ≫ C313w-2 Firmware Version912.30.1.137
Akuvox ≫ Ns-2 Firmware Version912.30.1.137
Akuvox ≫ Nc-2 Firmware Version912.30.1.137
Akuvox ≫ Nx-2 Firmware Version912.30.1.137
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.098 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| disclosure@vulncheck.com | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
|
| disclosure@vulncheck.com | 8.7 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| nvd@nist.gov | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
|
CWE-862 Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.