CVE-2024-5947

Name of the Vulnerable Software and Affected Versions: Deep Sea Electronics DSE855 (affected versions not specified)

Description: This issue allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. The specific flaw exists within the web-based UI, resulting from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.