CVE-2023-50614

Name of the Vulnerable Software and Affected Versions EBYTE E880-IR01-V1.1

Description An issue discovered in the software allows an attacker to obtain sensitive information via a crafted POST request to the "/cgi-bin/luci" API endpoint. The POST request is used to exploit this issue, but specific details about vulnerable parameters or variables are not provided.

Recommendations For EBYTE E880-IR01-V1.1, consider restricting access to the "/cgi-bin/luci" API endpoint until a patch is available. As a temporary workaround, avoid using this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.