Vulnerability Details CVE-2023-24052
An issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain control of the device via the change password functionality as it does not prompt for the current password.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.6%
CVSS Severity
CVSS v3 Score 9.8
References
- https://research.nccgroup.com/2023/10/19/technical-advisory-multiple-vulnerabilities-in-connectize-g6-ac2100-dual-band-gigabit-wifi-router-cve-2023-24046-cve-2023-24047-cve-2023-24048-cve-2023-24049-cve-2023-24050-cve-2023-24051-cve/
- https://research.nccgroup.com/2023/10/19/technical-advisory-multiple-vulnerabilities-in-connectize-g6-ac2100-dual-band-gigabit-wifi-router-cve-2023-24046-cve-2023-24047-cve-2023-24048-cve-2023-24049-cve-2023-24050-cve-2023-24051-cve/
Products affected by CVE-2023-24052
-
cpe:2.3:h:connectize:ac21000_g6:-
-
cpe:2.3:o:connectize:ac21000_g6_firmware:641.139.1.1256