Описание
A misconfiguration exists in the MQTTS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. This misconfiguration significantly simplifies a man-in-the-middle attack, which directly leads to control of device functionality.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:sealevel:seaconnect_370w_firmware:1.3.34:*:*:*:*:*:*:*
cpe:2.3:h:sealevel:seaconnect_370w:-:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00306
Низкий
7.7 High
CVSS3
8.1 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-295
CWE-295
Связанные уязвимости
CVSS3: 8.1
github
почти 4 года назад
A misconfiguration exists in the MQTTS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. This misconfiguration significantly simplifies a man-in-the-middle attack, which directly leads to control of device functionality.
EPSS
Процентиль: 53%
0.00306
Низкий
7.7 High
CVSS3
8.1 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-295
CWE-295