CVE-2023-43134

critical

Description

There is an unauthorized access vulnerability in Netis 360RAC1200 v1.3.4517, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management.

References

https://github.com/7R4C4R/CVE/blob/main/Netis-360R-AC1200/unauthorized%20access/readme.md

Details

Source: Mitre, NVD

Published: 2023-09-20

Updated: 2023-09-22

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H