CVE-2023-43848
CVE-2023-43848
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
28 May 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Incorrect access control in the firewall management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to alter local firewall settings of the device as if they were the administrator via HTTP POST request.
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/aReferences
https://github.com/setersora/pe6208