Incorrect access control in the outlet control function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to control all the outlets as if they were the administrator via HTTP POST requests.
References
Link | Resource |
---|---|
https://github.com/setersora/pe6208 | Exploit Third Party Advisory |
https://github.com/setersora/pe6208 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
30 May 2025, 16:25
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:aten:pe6208_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:aten:pe6208:-:*:*:*:*:*:*:* |
|
References | () https://github.com/setersora/pe6208 - Exploit, Third Party Advisory | |
First Time |
Aten pe6208
Aten Aten pe6208 Firmware |
21 Nov 2024, 08:24
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/setersora/pe6208 - |
23 Aug 2024, 17:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
CWE | CWE-284 |
29 May 2024, 13:02
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
28 May 2024, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-05-28 19:15
Updated : 2025-05-30 16:25
NVD link : CVE-2023-43847
Mitre link : CVE-2023-43847
CVE.ORG link : CVE-2023-43847
JSON object : View
Products Affected
aten
- pe6208_firmware
- pe6208
CWE
CWE-284
Improper Access Control