Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elenos etg150 firmware 3.12 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-34672
Improper Access Control leads to adding a high-privilege user affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role within the admin profile. An attack could occur over the public Internet in some cases.
Elenos Etg150 Firmware 3.12
7.5
CVSSv3
CVE-2023-37832
A lack of rate limiting in Elenos ETG150 FM transmitter v3.12 allows malicious users to obtain user credentials via brute force and cause other unspecified impacts.
Elenos Etg150 Firmware 3.12
2.7
CVSSv3
CVE-2023-37833
Improper access control in Elenos ETG150 FM transmitter v3.12 allows malicious users to make arbitrary configuration edits that are only accessed by privileged users.
Elenos Etg150 Firmware 3.12
5.3
CVSSv3
CVE-2023-37831
An issue discovered in Elenos ETG150 FM transmitter v3.12 allows malicious users to enumerate user accounts based on server responses when credentials are submitted.
Elenos Etg150 Firmware 3.12
6.5
CVSSv3
CVE-2023-34673
Elenos ETG150 FM transmitter running on version 3.12 exists to be leaking SMTP credentials and other sensitive information by exploiting the publicly accessible Memcached service. The attack can occur over the public Internet in some cases.
Elenos Etg150 Firmware 3.12
6.5
CVSSv3
CVE-2023-45396
An Insecure Direct Object Reference (IDOR) vulnerability leads to events profiles access in Elenos ETG150 FM transmitter running on version 3.12.
Elenos Etg150 Firmware 3.12
5.3
CVSSv3
CVE-2023-39695
Insufficient session expiration in Elenos ETG150 FM Transmitter v3.12 allows malicious users to arbitrarily change transmitter configuration and data after logging out.
Elenos Etg150 Firmware 3.12
8.8
CVSSv3
CVE-2023-34671
Improper Access Control leads to privilege escalation affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role in the user profile. An attack could occur over the public Internet in some cases.
Elenos Etg150 Fm Firmware 3.12
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started