CVE-2023-5028

A vulnerability, which was classified as problematic, has been found in China Unicom TEWA-800G 4.16L.04_CT2015_Yueme. Affected by this issue is some unknown functionality. The manipulation leads to information exposure through debug log file. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. VDB-239870 is the identifier assigned to this vulnerability.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:chinaunicom:tewa-800g_firmware:4.16l.04_ct2015_yueme:*:*:*:*:*:*:*
cpe:2.3:h:chinaunicom:tewa-800g:-:*:*:*:*:*:*:*

History

21 Nov 2024, 08:40

Type Values Removed Values Added
References () https://github.com/pinglan123/-/wiki/%E4%B8%AD%E5%9B%BD%E8%81%94%E9%80%9A%E5%AE%B6%E7%94%A8%E7%BD%91%E5%85%B3 - Exploit, Third Party Advisory () https://github.com/pinglan123/-/wiki/%E4%B8%AD%E5%9B%BD%E8%81%94%E9%80%9A%E5%AE%B6%E7%94%A8%E7%BD%91%E5%85%B3 - Exploit, Third Party Advisory
References () https://vuldb.com/?ctiid.239870 - Third Party Advisory () https://vuldb.com/?ctiid.239870 - Third Party Advisory
References () https://vuldb.com/?id.239870 - Third Party Advisory () https://vuldb.com/?id.239870 - Third Party Advisory
CVSS v2 : 1.2
v3 : 4.6
v2 : 1.2
v3 : 2.0

29 Feb 2024, 01:42

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-17 11:15

Updated : 2024-11-21 08:40


NVD link : CVE-2023-5028

Mitre link : CVE-2023-5028

CVE.ORG link : CVE-2023-5028


JSON object : View

Products Affected

chinaunicom

  • tewa-800g
  • tewa-800g_firmware
CWE
CWE-534

DEPRECATED: Information Exposure Through Debug Log Files

CWE-532

Insertion of Sensitive Information into Log File