exploitDog

CVE-2023-41353

Опубликовано: 03 нояб. 2023

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote attacker with regular user privilege can easily infer the administrator password from system information after logging system, resulting in admin access and performing arbitrary system operations or disrupt service.

Ссылки

https://www.twcert.org.tw/tw/cp-132-7503-a27ed-1.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-7503-a27ed-1.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:nokia:g-040w-q_firmware:g040wqr201207:*:*:*:*:*:*:*

cpe:2.3:h:nokia:g-040w-q:-:*:*:*:*:*:*:*

EPSS

Процентиль: 50%

0.00269

Низкий

8.8 High

CVSS3

Дефекты

CWE-521

CWE-521

Связанные уязвимости

GHSA-2h35-xq9p-w64x

CVSS3: 8.8

github

почти 2 года назад

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote attacker with regular user privilege can easily infer the administrator password from system information after logging system, resulting in admin access and performing arbitrary system operations or disrupt service.

EPSS

Процентиль: 50%

0.00269

Низкий

8.8 High

CVSS3

Дефекты

CWE-521

CWE-521