CVE-2023-38946

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Mar 6, 2024
Updated: Jan 7, 2025
CWE ID 284

Summary

CVE-2023-38946 is a vulnerability affecting Multilaser RE160 firmware versions 5.07.51_pt_MTL01 and 5.07.52_pt_MTL01. This issue enables attackers to bypass access control mechanisms by providing crafted cookies, granting them full access to the application. The vulnerability poses a significant risk as it allows unauthorized users to manipulate the system and potentially steal sensitive data or disrupt operations. Users are strongly advised to update their firmware as soon as patches become available.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share