PT-2022-11856 · Kaon · Claro Kaon Cg3000

Published

2022-04-08

Updated

2022-07-12

CVE-2021-43483

CVSS v3.1

8.0

High

Vector

AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions CLARO KAON CG3000 version 1.00.67

Description An Access Control issue exists in the router configuration, allowing a malicious user to read or update the configuration without authentication.

Recommendations For CLARO KAON CG3000 version 1.00.67, consider restricting access to the router configuration to minimize the risk of exploitation. As a temporary workaround, limit the ability to read or update the configuration without proper authentication until a patch is available.

Exploit

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2021-43483

Affected Products

Claro Kaon Cg3000

PT-2022-11856 · Kaon · Claro Kaon Cg3000

CVE-2021-43483

Weakness Enumeration

Related Identifiers

Affected Products

References · 4