CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-24080

A lack of rate limiting on the password reset endpoint of Chamberlain myQ v5.222.0.32277 (on iOS) allows attackers to compromise user accounts via a bruteforce attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.5%

CVSS Severity

CVSS v3 Score 9.8

References

http://chamberlain.com
http://web.archive.org/web/20230122144550/https://brackish.io/chamberlain-myq-account-takeover/
https://archive.ph/NH0Bk
http://chamberlain.com
http://web.archive.org/web/20230122144550/https://brackish.io/chamberlain-myq-account-takeover/
https://archive.ph/NH0Bk

Products affected by CVE-2023-24080

Chamberlain » Myq » Version: 5.222.0.32277

cpe:2.3:a:chamberlain:myq:5.222.0.32277

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-24080

Products

Pricing

Contact Us