CVE-2023-0102

Name of the Vulnerable Software and Affected Versions LS ELECTRIC XBC-DN32U version 01.80

Description The issue is related to the lack of authentication for a critical function in the LS ELECTRIC XBC-DN32U, specifically its deletion command. This could allow an attacker to delete arbitrary files. The exploitation of this issue may enable a remote attacker to perform unauthorized file deletion.

Recommendations For LS ELECTRIC XBC-DN32U version 01.80, consider disabling the deletion command functionality until a patch or fix is available to address the lack of authentication. Restrict access to the device to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.