CVE-2023-34671

Name of the Vulnerable Software and Affected Versions Elenos ETG150 FM transmitter version 3.12

Description The issue is related to improper access control, which can lead to privilege escalation. This can be exploited by utilizing a user's role in their profile. In some cases, an attack could be conducted over the public Internet. The vulnerability is also associated with deficiencies in access control in the Memcached service of the Elenos ETG150 FM transmitter's firmware, allowing a remote attacker to potentially elevate their privileges.

Recommendations For Elenos ETG150 FM transmitter version 3.12, consider restricting access to the user profile and user role to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the use of the Memcached service to reduce the attack surface. At the moment, there is no information about a newer version that contains a fix for this vulnerability.