CVE-2023-37831

An issue discovered in Elenos ETG150 FM transmitter v3.12 allows attackers to enumerate user accounts based on server responses when credentials are submitted.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:elenos:etg150_firmware:3.12:*:*:*:*:*:*:*
cpe:2.3:h:elenos:etg150:-:*:*:*:*:*:*:*

History

12 Sep 2024, 14:35

Type Values Removed Values Added
CWE CWE-204

08 Nov 2023, 18:00

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.3
CPE cpe:2.3:o:elenos:etg150_firmware:3.12:*:*:*:*:*:*:*
cpe:2.3:h:elenos:etg150:-:*:*:*:*:*:*:*
CWE NVD-CWE-noinfo
References (MISC) https://github.com/strik3r0x1/Vulns/blob/main/User%20enumeration%20-%20Elenos.md - (MISC) https://github.com/strik3r0x1/Vulns/blob/main/User%20enumeration%20-%20Elenos.md - Exploit, Third Party Advisory
First Time Elenos etg150
Elenos etg150 Firmware
Elenos

31 Oct 2023, 18:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-10-31 18:15

Updated : 2024-09-12 14:35


NVD link : CVE-2023-37831

Mitre link : CVE-2023-37831

CVE.ORG link : CVE-2023-37831


JSON object : View

Products Affected

elenos

  • etg150_firmware
  • etg150
CWE
NVD-CWE-noinfo CWE-204

Observable Response Discrepancy