← back
CVE-2023-41920

Authentication Bypass by Primary Weakness in Kiloview P1/P2 devices

CVSS 9.8 CRITICALEPSS 0.4%CWE-305
The vulnerability allows attackers access to the root account without having to authenticate. Specifically, if the device is configured with the IP address of 10.10.10.10, the root user is automatically logged in.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Kiloview · P1/P2

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273