CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-43849

Incorrect access control in firmware upgrade function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to submit a firmware image via HTTP POST requests. This may result in DoS or remote code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 77.2%

CVSS Severity

CVSS v3 Score 6.5

References

https://github.com/setersora/pe6208
https://github.com/setersora/pe6208

Products affected by CVE-2023-43849

Aten » Pe6208 » Version: N/A

cpe:2.3:h:aten:pe6208:-
Aten » Pe6208 Firmware » Version: 2.3.228

cpe:2.3:o:aten:pe6208_firmware:2.3.228
Aten » Pe6208 Firmware » Version: 2.4.231

cpe:2.3:o:aten:pe6208_firmware:2.4.231
Aten » Pe6208 Firmware » Version: 2.4.232

cpe:2.3:o:aten:pe6208_firmware:2.4.232

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-43849

Products

Pricing

Contact Us