216.73.216.67

CVE-2024-27168

· Published 14/06/2024 04:15 · Modified 14/06/2024 04:15

Labels: CVE-2024-27168 2024-06-14CVE-2024-27168CWE-798ecc0f906-8666-484c-bcf8-c3b7520a72f0

Essential information

Published
14/06/2024 04:15
Modified
14/06/2024 04:15
Author
Creator
CVSS
7.1 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CVSS metrics

Description

It appears that some hardcoded keys are used for authentication to internal API. Knowing these private keys may allow attackers to bypass authentication and reach administrative interfaces. As for the affected products/models/versions, see the reference URL.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
ecc0f906-8666-484c-bcf8-c3b7520a72f0
NVD
View on NVD

References