PT-2026-29891 · Unknown · Hisecos Web Server

Published

2026-04-02

Updated

2026-04-03

CVE-2023-7343

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions HiSecOS web server versions 05.0.00 through 08.3.01

Description HiSecOS web server versions 05.0.00 through 08.3.01 are susceptible to a privilege escalation issue. Authenticated users with operator or auditor roles can escalate their privileges to the administrator role by sending specially crafted packets to the web server. This allows attackers to gain full administrative access to the affected device.

Recommendations Update to version 08.3.02 or later.

Fix

LPE

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

CVE-2023-7343

Affected Products

Hisecos Web Server

PT-2026-29891 · Unknown · Hisecos Web Server

CVE-2023-7343

Weakness Enumeration

Related Identifiers

Affected Products

References · 4