CVE-2023-38946
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Mar 6, 2024
Updated: Jan 7, 2025
CWE ID 284
Summary
CVE-2023-38946 is a vulnerability affecting Multilaser RE160 firmware versions 5.07.51_pt_MTL01 and 5.07.52_pt_MTL01. This issue enables attackers to bypass access control mechanisms by providing crafted cookies, granting them full access to the application. The vulnerability poses a significant risk as it allows unauthorized users to manipulate the system and potentially steal sensitive data or disrupt operations. Users are strongly advised to update their firmware as soon as patches become available.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Multilaser