Vulnerability Details CVE-2024-8889
Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify any configuration value, even if the device has the user/password authentication option enabled, without authentication by sending packets through the UDP protocol and port 2000, deconfiguring the device and thus disabling its use. This equipment is at the end of its useful life cycle.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.6%
CVSS Severity
CVSS v3 Score 9.3
References
Products affected by CVE-2024-8889
-
cpe:2.3:h:circutor:tcp2rs+:-
-
cpe:2.3:h:circutor:tcp2rs+_firmware:1.3b