CVE-2023-39695

Опубликовано: 31 окт. 2023

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

Insufficient session expiration in Elenos ETG150 FM Transmitter v3.12 allows attackers to arbitrarily change transmitter configuration and data after logging out.

Ссылки

https://github.com/strik3r0x1/Vulns/blob/35fe4fb3d5945b5df2a87aab0cf9ec6137bcf976/Insufficient%20Session%20Expiration%20-%20Elenos.md
Exploit
Product
Third Party Advisory
https://github.com/strik3r0x1/Vulns/blob/35fe4fb3d5945b5df2a87aab0cf9ec6137bcf976/Insufficient%20Session%20Expiration%20-%20Elenos.md
Exploit
Product
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:elenos:etg150_firmware:3.12:*:*:*:*:*:*:*

cpe:2.3:h:elenos:etg150:-:*:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00058

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-613

Связанные уязвимости

GHSA-424j-rr9q-xrp9