PRIOn knowledge basePRION:CVE-2023-23901

HistoryMay 10, 2023 - 6:15 a.m.

Input validation

2023-05-1006:15:00

PRIOn knowledge base

www.prio-n.com

input validation

firmware vulnerability

remote attacker

webui communication

nvd

7.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.6%

JSON

Improper following of a certificate’s chain of trust exists in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, which may allow a remote unauthenticated attacker to eavesdrop on or alter the communication sent to the WebUI of the product.

CPENameOperatorVersion
skybridge_basic_mb-a130_firmwarele1.4.1
skybridge_mb-a200_firmwarele01.00.05

CPE	Name	Operator	Version
	skybridge_basic_mb-a130_firmware	le	1.4.1
	skybridge_mb-a200_firmware	le	01.00.05

References

jvn.jp/en/jp/JVN40604023/

www.seiko-sol.co.jp/archives/73969/

www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/

www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/

www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/

www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/