Incorrect access control in firmware upgrade function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to submit a firmware image via HTTP POST requests. This may result in DoS or remote code execution.
[
{
"cpes": [
"cpe:2.3:a:aten:pe6208:2.3.228:*:*:*:*:*:*:*"
],
"vendor": "aten",
"product": "pe6208",
"versions": [
{
"status": "affected",
"version": "2.3.228"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:aten:pe6208:2.4.232:*:*:*:*:*:*:*"
],
"vendor": "aten",
"product": "pe6208",
"versions": [
{
"status": "affected",
"version": "2.4.232"
}
],
"defaultStatus": "unknown"
}
]