Lucene search
HistoryMay 04, 2023 - 9:15 p.m.
CVE-2023-30399
insecure permissions
garo wallbox
man-in-the-middle
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.8
Confidence
High
EPSS
0.002
Percentile
52.7%
Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack.
Affected configurations
Node
garowallbox_glb_firmwareRange≤189
garowallbox_glbMatch-
Node
garowallbox_gtb_firmwareRange≤189
garowallbox_gtbMatch-
Node
garowallbox_gtc_firmwareRange≤189
garowallbox_gtcMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| garo | wallbox_glb_firmware | * | cpe:2.3:o:garo:wallbox_glb_firmware:*:*:*:*:*:*:*:* |
| garo | wallbox_glb | - | cpe:2.3:h:garo:wallbox_glb:-:*:*:*:*:*:*:* |
| garo | wallbox_gtb_firmware | * | cpe:2.3:o:garo:wallbox_gtb_firmware:*:*:*:*:*:*:*:* |
| garo | wallbox_gtb | - | cpe:2.3:h:garo:wallbox_gtb:-:*:*:*:*:*:*:* |
| garo | wallbox_gtc_firmware | * | cpe:2.3:o:garo:wallbox_gtc_firmware:*:*:*:*:*:*:*:* |
| garo | wallbox_gtc | - | cpe:2.3:h:garo:wallbox_gtc:-:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2023-30399
2023-05-04 00:00:00
prion
prion
Code injection
2023-05-04 21:15:00
cve
cve
CVE-2023-30399
2023-05-04 21:15:11
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.8
Confidence
High
EPSS
0.002
Percentile
52.7%
Related for NVD:CVE-2023-30399