PT-2023-20059 · Vtech · Vtech Vcs754
Published
2023-04-27
·
Updated
2025-01-31
·
CVE-2023-25437
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
vTech VCS754 versions 1.1.1.A through 1.1.1.G
Description
An issue was discovered that allows attackers to gain escalated privileges and gain sensitive information due to cleartext passwords passed in the raw HTML.
Recommendations
For versions 1.1.1.A through 1.1.1.G, update to version 1.1.1.H or later to resolve the issue.
Exploit
Fix
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Vtech Vcs754