PT-2023-30707 · Unknown · Microweber

Grozdniyandyo

Published

2023-12-07

Updated

2023-12-11

CVE-2023-48122

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions microweber versions 2.0.1 through 2.0.3

Description An issue in microweber allows a remote attacker to obtain sensitive information via the HTTP GET method. Approximately 955 devices are potentially affected, mainly distributed in the United States, Germany, and other countries.

Recommendations For microweber version 2.0.1, update to version 2.0.4 to resolve the issue. For microweber versions 2.0.2 and 2.0.3, update to version 2.0.4 to resolve the issue.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2023-48122

GHSA-P8Q6-QRGJ-7GX2

Affected Products

Microweber

PT-2023-30707 · Unknown · Microweber

CVE-2023-48122

Weakness Enumeration

Related Identifiers

Affected Products

References · 11