Search criteria
2 vulnerabilities found for MAX-G866ac by MAXTECH
CVE-2023-2231 (GCVE-0-2023-2231)
Vulnerability from nvd – Published: 2023-04-21 14:31 – Updated: 2024-08-02 06:12
VLAI
Title
MAXTECH MAX-G866ac Remote Management missing authentication
Summary
A vulnerability, which was classified as critical, was found in MAXTECH MAX-G866ac 0.4.1_TBRO_20160314. This affects an unknown part of the component Remote Management. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227001 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity
9.8 (Critical)
9.8 (Critical)
CWE
- CWE-306 - Missing Authentication
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.227001 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.227001 | signaturepermissions-required |
| https://youtu.be/fikdcK_xlS8 | media-coverage |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| MAXTECH | MAX-G866ac |
Affected:
0.4.1_TBRO_20160314
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:20.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.227001"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.227001"
},
{
"tags": [
"media-coverage",
"x_transferred"
],
"url": "https://youtu.be/fikdcK_xlS8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"Remote Management"
],
"product": "MAX-G866ac",
"vendor": "MAXTECH",
"versions": [
{
"status": "affected",
"version": "0.4.1_TBRO_20160314"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "mrempy (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in MAXTECH MAX-G866ac 0.4.1_TBRO_20160314. This affects an unknown part of the component Remote Management. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227001 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine kritische Schwachstelle in MAXTECH MAX-G866ac 0.4.1_TBRO_20160314 gefunden. Hiervon betroffen ist ein unbekannter Codeblock der Komponente Remote Management. Mittels dem Manipulieren mit unbekannten Daten kann eine missing authentication-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 10,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-22T14:55:00.480Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.227001"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.227001"
},
{
"tags": [
"media-coverage"
],
"url": "https://youtu.be/fikdcK_xlS8"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-04-21T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-04-21T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-04-21T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-05-15T12:21:43.000Z",
"value": "VulDB entry last update"
}
],
"title": "MAXTECH MAX-G866ac Remote Management missing authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-2231",
"datePublished": "2023-04-21T14:31:03.678Z",
"dateReserved": "2023-04-21T14:16:04.937Z",
"dateUpdated": "2024-08-02T06:12:20.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2231 (GCVE-0-2023-2231)
Vulnerability from cvelistv5 – Published: 2023-04-21 14:31 – Updated: 2024-08-02 06:12
VLAI
Title
MAXTECH MAX-G866ac Remote Management missing authentication
Summary
A vulnerability, which was classified as critical, was found in MAXTECH MAX-G866ac 0.4.1_TBRO_20160314. This affects an unknown part of the component Remote Management. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227001 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity
9.8 (Critical)
9.8 (Critical)
CWE
- CWE-306 - Missing Authentication
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.227001 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.227001 | signaturepermissions-required |
| https://youtu.be/fikdcK_xlS8 | media-coverage |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| MAXTECH | MAX-G866ac |
Affected:
0.4.1_TBRO_20160314
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:20.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.227001"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.227001"
},
{
"tags": [
"media-coverage",
"x_transferred"
],
"url": "https://youtu.be/fikdcK_xlS8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"Remote Management"
],
"product": "MAX-G866ac",
"vendor": "MAXTECH",
"versions": [
{
"status": "affected",
"version": "0.4.1_TBRO_20160314"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "mrempy (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in MAXTECH MAX-G866ac 0.4.1_TBRO_20160314. This affects an unknown part of the component Remote Management. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227001 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine kritische Schwachstelle in MAXTECH MAX-G866ac 0.4.1_TBRO_20160314 gefunden. Hiervon betroffen ist ein unbekannter Codeblock der Komponente Remote Management. Mittels dem Manipulieren mit unbekannten Daten kann eine missing authentication-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 10,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-22T14:55:00.480Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.227001"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.227001"
},
{
"tags": [
"media-coverage"
],
"url": "https://youtu.be/fikdcK_xlS8"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-04-21T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-04-21T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-04-21T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-05-15T12:21:43.000Z",
"value": "VulDB entry last update"
}
],
"title": "MAXTECH MAX-G866ac Remote Management missing authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-2231",
"datePublished": "2023-04-21T14:31:03.678Z",
"dateReserved": "2023-04-21T14:16:04.937Z",
"dateUpdated": "2024-08-02T06:12:20.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}