Lucene search

K
cvelistVulDBCVELIST:CVE-2023-7211
HistoryJan 07, 2024 - 10:00 a.m.

CVE-2023-7211 Uniway Router Administrative Web Interface reliance on ip address for authentication

2024-01-0710:00:05
CWE-291
VulDB
www.cve.org
cve-2023-7211
uniway router
administrative web interface
ip address authentication

5.6 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

8.3 High

AI Score

Confidence

High

5.1 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

54.1%

A vulnerability was found in Uniway Router 2.0. It has been declared as critical. This vulnerability affects unknown code of the component Administrative Web Interface. The manipulation leads to reliance on ip address for authentication. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-249766 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CNA Affected

[
  {
    "vendor": "Uniway",
    "product": "Router",
    "versions": [
      {
        "version": "2.0",
        "status": "affected"
      }
    ],
    "modules": [
      "Administrative Web Interface"
    ]
  }
]

5.6 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

8.3 High

AI Score

Confidence

High

5.1 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

54.1%

Related for CVELIST:CVE-2023-7211