CVE-2023-49255
Published: 2024-01-12
Priority: P358 · Severity: critical · CVSS 3.1 base score: 9.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.72% (49.1st percentile)
The router console is accessible without authentication at the "data" field, and while a user needs to be logged in in order to modify the configuration, the session state is shared. If any other user is currently logged in, the anonymous user can execute commands in the context of the authenticated one. If the logged-in user has administrative privileges, it is possible to use webadmin service configuration commands to create a new admin user with a chosen password.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hongdian | h8951-4g-esp | < 2310271149 | 2310271149 |
| hongdian | h8951-4g-esp_firmware | < 2310271149 | 2310271149 |
GHSA advisories
- GHSA-v64q-49fj-whh5 (CVE-2023-49260, CRITICAL, CWE-79, ghsa_unreviewed, 2024-01-12, CVSS 9.8): An XSS attack can be performed by changing the MOTD banner and pointing the victim to the "terminal_tool.cgi" path. It can be used together with the vulnerability CVE-2023-49255.
- GHSA-fw6m-hgqv-hr8c (CVE-2023-49255, CRITICAL, CWE-306, ghsa_unreviewed, 2024-01-12): The router console is accessible without authentication at the "data" field, with shared session state between the anonymous and authenticated user (see the description above).
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Timeline: published 2024-01-12