CVE Published: 26/10/2023 |
CVE Updated: 02/08/2024 |
CVE Year: 2023 Source: icscert |
Vendor: Sielco |
Product: Analog FM transmitter Status : PUBLISHED
CVE-2023-45317 Description
The application interface allows users to perform certain actions via
HTTP requests without performing any validity checks to verify the
requests. This can be exploited to perform certain actions with
administrative privileges if a logged-in user visits a malicious web
site.
Metrics
CVSS Version: 3.1 |
Base Score: 8.8 HIGH Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H