Vulnerability Details CVE-2023-51059
An issue in MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway v.1.1.1 and before allows a remote attacker to escalate privileges via the session management component of the administrative web interface.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.7%
CVSS Severity
CVSS v3 Score 8.8
References
- https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220120-01_MOKOSmart_MKGW1_Gateway_Improper_Session_Management
- https://www.mokosmart.com/wp-content/uploads/2019/10/GS-gateway.pdf
- https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220120-01_MOKOSmart_MKGW1_Gateway_Improper_Session_Management
- https://www.mokosmart.com/wp-content/uploads/2019/10/GS-gateway.pdf
Products affected by CVE-2023-51059
-
cpe:2.3:h:mokosmart:mkgw1_gateway:-
-
cpe:2.3:o:mokosmart:mkgw1_gateway_firmware:*