PT-2023-27074 · Elenos · Elenos Etg150 Fm Transmitter
Eslam Kamal
+1
·
Published
2023-10-31
·
Updated
2023-11-09
·
CVE-2023-39695
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Elenos ETG150 FM Transmitter version 3.12
Description
The issue is related to insufficient session expiration, allowing attackers to change transmitter configuration and data after a user has logged out.
Recommendations
For Elenos ETG150 FM Transmitter version 3.12, consider implementing proper session expiration mechanisms to prevent unauthorized access after logout. As a temporary workaround, restrict access to the transmitter configuration and data to minimize the risk of exploitation.
Exploit
Fix
Insufficient Session Expiration
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Elenos Etg150 Fm Transmitter