PT-2023-30707 · Unknown · Microweber

Grozdniyandyo

Publicado

2023-12-07

Atualizado

2023-12-11

CVE-2023-48122

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions microweber versions 2.0.1 through 2.0.3

Description An issue in microweber allows a remote attacker to obtain sensitive information via the HTTP GET method. Approximately 955 devices are potentially affected, mainly distributed in the United States, Germany, and other countries.

Recommendations For microweber version 2.0.1, update to version 2.0.4 to resolve the issue. For microweber versions 2.0.2 and 2.0.3, update to version 2.0.4 to resolve the issue.

Exploit

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2023-48122

GHSA-P8Q6-QRGJ-7GX2

Produtos afetados

Microweber

PT-2023-30707 · Unknown · Microweber

CVE-2023-48122

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 11