cbcvebase.
CVE-2023-23906
published 2023-05-10

CVE-2023-23906: Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker…

PriorityP351high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
1.30%
66.9th percentile
Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to execute some critical functions without authentication, e.g., rebooting the product.

Affected

3 ranges
VendorProductVersion rangeFixed in
seiko-solskybridge_mb-a100_firmware<= 4.2.0
seiko-solskybridge_mb-a110_firmware<= 4.2.0
seiko_solutions_incskybridge_mb-a100_110
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.