CVE-2023-33274

Name of the Vulnerable Software and Affected Versions PowerShield SNMP Web Pro version 1.1

Description The authentication mechanism contains an issue that allows unauthenticated users to directly access Common Gateway Interface (CGI) scripts without proper identification or authorization. This arises from a lack of proper cookie verification and affects all instances without HTTP Digest authentication enabled, regardless of the password used for the web interface.

Recommendations For PowerShield SNMP Web Pro version 1.1, enable HTTP Digest authentication to mitigate the risk of unauthorized access to CGI scripts. As a temporary workaround, consider restricting access to CGI scripts until a more permanent solution is available.