An Insecure Direct Object Reference (IDOR) vulnerability leads to events profiles access in Elenos ETG150 FM transmitter running on version 3.12.
References
Configurations
Configuration 1 (hide)
AND |
|
History
07 Nov 2023, 04:21
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
18 Oct 2023, 16:48
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:elenos:etg150_firmware:3.12:*:*:*:*:*:*:* cpe:2.3:h:elenos:etg150:-:*:*:*:*:*:*:* |
|
First Time |
Elenos etg150 Firmware
Elenos Elenos etg150 |
|
CWE | CWE-639 | |
References | (MISC) https://github.com/strik3r0x1/Vulns/blob/main/(IDOR)%20leads%20to%20events%20profiles%20access%20-%20Elenos.md - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
11 Oct 2023, 14:23
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-11 14:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-45396
Mitre link : CVE-2023-45396
CVE.ORG link : CVE-2023-45396
JSON object : View
Products Affected
elenos
- etg150_firmware
- etg150
CWE
CWE-639
Authorization Bypass Through User-Controlled Key