Incorrect access control in the account management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to alter user and administrator accounts credentials via HTTP POST request.
References
Link | Resource |
---|---|
https://github.com/setersora/pe6208 | Exploit Third Party Advisory |
https://github.com/setersora/pe6208 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
03 Jun 2025, 15:23
Type | Values Removed | Values Added |
---|---|---|
First Time |
Aten pe6208
Aten Aten pe6208 Firmware |
|
References | () https://github.com/setersora/pe6208 - Exploit, Third Party Advisory | |
CPE | cpe:2.3:o:aten:pe6208_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:aten:pe6208:-:*:*:*:*:*:*:* |
21 Nov 2024, 08:24
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/setersora/pe6208 - |
15 Nov 2024, 19:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-416 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.3 |
29 May 2024, 13:02
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
28 May 2024, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-05-28 19:15
Updated : 2025-06-03 15:23
NVD link : CVE-2023-43842
Mitre link : CVE-2023-43842
CVE.ORG link : CVE-2023-43842
JSON object : View
Products Affected
aten
- pe6208_firmware
- pe6208
CWE
CWE-416
Use After Free