Lucene search

CertccCVE-2023-4498

HistorySep 06, 2023 - 5:15 p.m.

CVE-2023-4498

2023-09-0617:15:50

CWE-287

certcc

web.nvd.nist.gov

cve-2023-4498

tenda

n300

wireless

vdsl2

modem

router

unauthenticated access

nvd

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.5

Confidence

High

EPSS

0.001

Percentile

28.0%

JSON

Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only

Affected configurations

Nvd

Node

tendan300_firmwareMatch53.0.1.6

AND

tendan300Match-

VendorProductVersionCPE
tendan300_firmware53.0.1.6cpe:2.3:o:tenda:n300_firmware:53.0.1.6:*:*:*:*:*:*:*
tendan300-cpe:2.3:h:tenda:n300:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tenda	n300_firmware	53.0.1.6	cpe:2.3:o:tenda:n300_firmware:53.0.1.6:::::::*
tenda	n300	-	cpe:2.3:h:tenda:n300:-:::::::*

CNA Affected

[
  {
    "vendor": "Tenda",
    "product": "N300 Wireless N VDSL2 Modem Router",
    "versions": [
      {
        "status": "affected",
        "version": "V53.0.1.6_EN"
      }
    ]
  }
]

References

kb.cert.org/vuls/id/304455

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.5

Confidence

High

EPSS

0.001

Percentile

28.0%

JSON

Related for CVE-2023-4498