CVE-2023-39171

Name of the Vulnerable Software and Affected Versions SENEC Storage Box versions V1, V2, and V3

Description The issue concerns the accidental exposure of a management UI in the SENEC Storage Box, which can be accessed using publicly known admin credentials. This allows unauthorized access to the device's management interface.

Recommendations For versions V1, V2, and V3, consider changing the admin credentials to a strong, unique password to prevent unauthorized access until a patch is available. As a temporary workaround, restrict access to the management UI to minimize the risk of exploitation. Avoid using default or publicly known admin credentials in the affected management UI until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.