HGiga PowerStation has a vulnerability of Information Leakage. An unauthenticated remote attacker can exploit this vulnerability to obtain the administrator's credential. This credential can then be used to login PowerStation or Secure Shell to achieve remote code execution.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/tw/cp-132-6957-d8f67-1.html | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
15 May 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-200 | |
Summary | HGiga PowerStation has a vulnerability of Information Leakage. An unauthenticated remote attacker can exploit this vulnerability to obtain the administrator's credential. This credential can then be used to login PowerStation or Secure Shell to achieve remote code execution. | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
30 Mar 2023, 19:24
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
References | (CONFIRM) https://www.twcert.org.tw/tw/cp-132-6957-d8f67-1.html - Third Party Advisory | |
CPE | cpe:2.3:o:hgiga:powerstation_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hgiga:powerstation:-:*:*:*:*:*:*:* |
|
CWE | CWE-306 |
27 Mar 2023, 12:40
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-27 04:15
Updated : 2024-02-04 23:37
NVD link : CVE-2023-24838
Mitre link : CVE-2023-24838
CVE.ORG link : CVE-2023-24838
JSON object : View
Products Affected
hgiga
- powerstation_firmware
- powerstation