CVE-2024-5947
published 2024-06-13

CVE-2024-5947: Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent…

Priority: P3 · 43 · medium · 6.5 (CVSS 3.1)
AV:A · AC:L · PR:N · UI:N · S:U · C:H · I:N · A:N
EXPLOIT
EPSS: 2.42% (82.1th percentile)
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web-based UI. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-22679.

Affected

2 ranges

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| deep_sea_electronics | dse855 | | |
| deepseaelectronics | dse855_firmware | | |

Detection & IOCs (extracted from sources)

path: /Backup.bin
command: GET /Backup.bin HTTP/1.1
  • Fingerprint target device by checking HTTP response body for 'Copyright Deep Sea Electronics' before probing the backup endpoint.
  • Affected version is DSE855 Version 1.0.26; presence of this version on network-adjacent segments should trigger investigation.
  • FOFA/Shodan fingerprint query 'Deep Sea Electronics' can be used to identify exposed DSE855 devices on the network.
  • Vulnerability is only exploitable by network-adjacent attackers (AV:A), not remotely over the internet; detection should focus on local/OT network segments.
  • The Nuclei template uses a two-step flow: first confirm the DSE855 web UI is present, then probe /Backup.bin; single-step probes may produce false positives on other devices.
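
One way to turn the notes above into a check on the local/OT segment, as an added example that is not part of the original page: it scans HTTP records from a network sensor for `GET /Backup.bin` sent to known DSE855 addresses, separates successful downloads from failed attempts, and marks requests that followed the two-step pattern. The record layout, the IP addresses, the function name `find_backup_requests` and the verdict labels are assumptions made for this example.

```python
from urllib.parse import urlsplit

# Constructed sample records (not from a real device). Assumed layout:
# timestamp src dst method uri status response_bytes
SAMPLE_LOG = """\
2024-06-20T10:00:01Z 10.20.0.15 10.20.0.50 GET / 200 5120
2024-06-20T10:00:02Z 10.20.0.15 10.20.0.50 GET /Backup.bin 200 20480
2024-06-20T10:05:00Z 10.20.0.77 10.20.0.50 GET /Backup.bin?x=1 404 0
2024-06-20T10:06:00Z 10.20.0.15 10.20.0.51 GET /index.html 200 900
malformed line
"""

def find_backup_requests(log_text, dse_hosts):
    """Return findings for GET /Backup.bin sent to known DSE855 addresses."""
    seen_root = set()   # (src, dst) pairs that loaded the web UI root earlier
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 7:
            continue    # skip malformed records instead of failing
        ts, src, dst, method, uri, status, size = parts
        if dst not in dse_hosts or method != "GET":
            continue
        # Drop any query string; matching case-insensitively is a
        # conservative choice of this example, not a documented device trait.
        path = urlsplit(uri).path.lower()
        if path == "/":
            seen_root.add((src, dst))
        elif path == "/backup.bin":
            disclosed = status == "200" and size.isdigit() and int(size) > 0
            findings.append({
                "time": ts, "src": src, "dst": dst,
                "verdict": "config-disclosed" if disclosed else "attempt",
                "two_step": (src, dst) in seen_root,
            })
    return findings

if __name__ == "__main__":
    for finding in find_backup_requests(SAMPLE_LOG, {"10.20.0.50"}):
        print(finding)
```

A `config-disclosed` finding means the backup left the device, so the credentials stored in it should be treated as exposed.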

CVSS provenance

nvd · v3.1 · 6.5 · MEDIUM · CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd · v3.0 · 6.5 · MEDIUM · CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N