3 matches found
Welotec Industrial Routers Improper Access Control (CVE-2023-1083)
An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive messages, including GET/SET configuration commands, reboot commands and firmware updates. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
CVE-2023-1083 Welotec: improper access control in TK500v1 router series
An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive messages, including GET/SET configuration commands, reboot commands and firmware updates...
CVE-2023-1083
CVE-2023-1083 affects Welotec TK500v1 industrial routers. An unauthenticated remote attacker who knows the MQTT topic name can manipulate the device: send/receive messages, GET/SET configuration commands, reboot, and firmware updates due to improper access control. This vulnerability is rated CVS...