Welotec Tk515L vulnerabilities
2 known vulnerabilities affecting welotec/tk515l.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2023-1083P2CRITICALCVSS 9.8fixed in v2.3.0.r55422024-04-09
CVE-2023-1083 [CRITICAL] CWE-306 CVE-2023-1083: An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive messages,
An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive messages, including GET/SET configuration commands, reboot commands and firmware updates.
nvd
CVE-2023-1082P3HIGHCVSS 8.8fixed in v2.3.0.r55422024-04-09
CVE-2023-1082 [HIGH] CWE-78 CVE-2023-1082: An remote attacker with low privileges can perform a command injection which can lead to root access
An remote attacker with low privileges can perform a command injection which can lead to root access.
nvd