An Insecure Direct Object Reference (IDOR) vulnerability leads to events profiles access in Elenos ETG150 FM transmitter running on version 3.12.
References
Configurations
Configuration 1 (hide)
AND |
|
History
07 Nov 2023, 04:21
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
18 Oct 2023, 16:48
Type | Values Removed | Values Added |
---|---|---|
First Time |
Elenos etg150
Elenos etg150 Firmware Elenos |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
CWE | CWE-639 | |
CPE | cpe:2.3:h:elenos:etg150:-:*:*:*:*:*:*:* cpe:2.3:o:elenos:etg150_firmware:3.12:*:*:*:*:*:*:* |
|
References | (MISC) https://github.com/strik3r0x1/Vulns/blob/main/(IDOR)%20leads%20to%20events%20profiles%20access%20-%20Elenos.md - Exploit, Third Party Advisory |
11 Oct 2023, 14:23
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-11 14:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-45396
Mitre link : CVE-2023-45396
CVE.ORG link : CVE-2023-45396
JSON object : View
Products Affected
elenos
- etg150_firmware
- etg150
CWE
CWE-639
Authorization Bypass Through User-Controlled Key