Описание
Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, which may allow a remote unauthenticated attacker to eavesdrop on or alter the communication sent to the WebUI of the product.
Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, which may allow a remote unauthenticated attacker to eavesdrop on or alter the communication sent to the WebUI of the product.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-23901
- https://jvn.jp/en/jp/JVN40604023
- https://www.seiko-sol.co.jp/archives/73969
- https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100
- https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130
- https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200
- https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210
Связанные уязвимости
Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, which may allow a remote unauthenticated attacker to eavesdrop on or alter the communication sent to the WebUI of the product.