CVE-2023-45228

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Application (affected versions not specified)

Description The application has an issue with improper access control when editing users. A user with read permissions can manipulate users, passwords, and permissions by sending a single HTTP POST request with modified parameters.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2023-45228

Affected Products

Analog Fm Transmitter

Radio Link

Analog Fm Transmitter Exc1000Gt Firmware

Analog Fm Transmitter Exc100Gt Firmware

Analog Fm Transmitter Exc120Gt Firmware

Analog Fm Transmitter Exc1600Gx Firmware

Analog Fm Transmitter Exc2000Gx Firmware

Analog Fm Transmitter Exc3000Gx Firmware

Analog Fm Transmitter Exc300Gt Firmware

Analog Fm Transmitter Exc30Gt Firmware

Analog Fm Transmitter Exc5000Gt Firmware

Radio Link Exc19 Firmware

Radio Link Rtx19 Firmware

CVE-2023-45228

Weakness Enumeration

Related Identifiers

Affected Products

References · 6