Vulnerability Details CVE-2023-5702
A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/. The manipulation leads to direct request. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-243140. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.283
EPSS Ranking 96.3%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 3.3
References
- https://github.com/GTA12138/vul/blob/main/Viessmann/Vitogate300_Document_Unauthorized_Access.md
- https://vuldb.com/?ctiid.243140
- https://vuldb.com/?id.243140
- https://github.com/GTA12138/vul/blob/main/Viessmann/Vitogate300_Document_Unauthorized_Access.md
- https://vuldb.com/?ctiid.243140
- https://vuldb.com/?id.243140
Products affected by CVE-2023-5702
-
cpe:2.3:h:viessmann:vitogate_300:-
-
cpe:2.3:o:viessmann:vitogate_300_firmware:-
-
cpe:2.3:o:viessmann:vitogate_300_firmware:2.1.3.0