An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the device, exposing critical information about the device configuration.
References
Link | Resource |
---|---|
http://intelbras.com | Product |
https://github.com/leonardobg/CVE-2023-36144 | Exploit |
Configurations
Configuration 1 (hide)
AND |
|
History
10 Jul 2023, 14:28
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
First Time |
Intelbras sg 2404 Mr Firmware
Intelbras Intelbras sg 2404 Mr |
|
CWE | CWE-862 | |
CPE | cpe:2.3:o:intelbras:sg_2404_mr_firmware:1.00.54:*:*:*:*:*:*:* cpe:2.3:h:intelbras:sg_2404_mr:-:*:*:*:*:*:*:* |
|
References | (MISC) https://github.com/leonardobg/CVE-2023-36144 - Exploit | |
References | (MISC) http://intelbras.com - Product |
30 Jun 2023, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-30 23:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-36144
Mitre link : CVE-2023-36144
CVE.ORG link : CVE-2023-36144
JSON object : View
Products Affected
intelbras
- sg_2404_mr_firmware
- sg_2404_mr
CWE
CWE-862
Missing Authorization