CVE-2023-36144

An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the device, exposing critical information about the device configuration.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:intelbras:sg_2404_mr_firmware:1.00.54:*:*:*:*:*:*:*
cpe:2.3:h:intelbras:sg_2404_mr:-:*:*:*:*:*:*:*

History

10 Jul 2023, 14:28

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
First Time Intelbras sg 2404 Mr Firmware
Intelbras
Intelbras sg 2404 Mr
CWE CWE-862
CPE cpe:2.3:o:intelbras:sg_2404_mr_firmware:1.00.54:*:*:*:*:*:*:*
cpe:2.3:h:intelbras:sg_2404_mr:-:*:*:*:*:*:*:*
References (MISC) https://github.com/leonardobg/CVE-2023-36144 - (MISC) https://github.com/leonardobg/CVE-2023-36144 - Exploit
References (MISC) http://intelbras.com - (MISC) http://intelbras.com - Product

30 Jun 2023, 23:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-06-30 23:15

Updated : 2024-02-28 20:13


NVD link : CVE-2023-36144

Mitre link : CVE-2023-36144

CVE.ORG link : CVE-2023-36144


JSON object : View

Products Affected

intelbras

  • sg_2404_mr_firmware
  • sg_2404_mr
CWE
CWE-862

Missing Authorization