CVE-2023-33237

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 17, 2023
Updated: Aug 22, 2023
CWE ID 287

Summary

CVE-2023-33237 is a vulnerability affecting the TN-5900 Series firmware version 3.3 and prior. This issue stems from insufficient authentication measures in the web API handler. As a result, low-privileged APIs can perform actions reserved for high-privileged APIs, increasing the risk of unauthorized exploitation by malicious actors. This vulnerability may allow attackers to gain unauthorized access to restricted functionalities.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share