CVE-2023-38945
Last modified
CVE-2023-38945 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. Multilaser RE160 v5.07.51_pt_MTL01 and v5.07.52_pt_MTL01, Multilaser RE160V v12.03.01.08_pt and V12.03.01.09_pt, and Multilaser RE163V v12.03.01.08_pt allows attackers to bypass the access control and gain complete access to the application via supplying a crafted URL.. EPSS estimates a 0.96% chance of exploitation in the next 30 days.
Description
Multilaser RE160 v5.07.51_pt_MTL01 and v5.07.52_pt_MTL01, Multilaser RE160V v12.03.01.08_pt and V12.03.01.09_pt, and Multilaser RE163V v12.03.01.08_pt allows attackers to bypass the access control and gain complete access to the application via supplying a crafted URL.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Multilaser | Re160 Firmware | 5.07.51_pt_mtl01 |
| Multilaser | Re160 Firmware | 5.07.52_pt_mtl01 |
| Multilaser | Re160v Firmware | 12.03.01.08_pt |
| Multilaser | Re160v Firmware | 12.03.01.09_pt |
| Multilaser | Re163v Firmware | 12.03.01.08_pt |
References
- http://seclists.org/fulldisclosure/2024/Mar/1Exploit, Third Party Advisory
- http://seclists.org/fulldisclosure/2024/Mar/1Exploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2023-38945?
How severe is CVE-2023-38945?
How do I fix CVE-2023-38945?
Are you affected by CVE-2023-38945?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST