PT-2023-8177 · Eurotel · Eurotel Etl3100

Gjoko Krstic · Published 2023-12-19 · Updated 2023-12-29 · CVE-2023-6930

CVSS v2.0 · 10 · Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

EuroTel ETL3100 versions v01c01 and v01x37

Description

The issue is related to an unauthenticated configuration and log download vulnerability. This vulnerability enables an attacker to disclose sensitive information, which can assist in authentication bypass, privilege escalation, and ultimately, full system access. Additionally, the vulnerability is associated with a lack of authentication attempt limits, allowing a remote attacker to gain full access through brute force.

Recommendations

For EuroTel ETL3100 versions v01c01 and v01x37, consider restricting access to configuration and log download features to minimize the risk of exploitation. As a temporary workaround, avoid using the vulnerable configuration and log download functionality until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Access Control

Related Identifiers

BDU:2024-00162
CVE-2023-6930

Affected Products

Eurotel Etl3100