CVE-2023-2759

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 17, 2023
Updated: Jul 27, 2023
CWE ID 755

Summary

CVE-2023-2759 is a vulnerability affecting TapHome's core platform before version 2023.2. This issue introduces a hidden API that enables authenticated, low privileged users to alter other users' passwords without prior notification. An attacker can exploit this vulnerability to gain full access to the device, posing a significant security risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share