CVE-2023-43850
CVE-2023-43850
In short
The web interface of Aten PE6208 devices doesn't properly check user input in its management functions, allowing someone with login access to send specially crafted requests that partially disable the web interface.
Technical detail
CWE-1286 improper input validation in the user management HTTP POST handler permits remote authenticated attackers to trigger a partial denial of service (DoS) of the web interface. Pre-condition: valid authentication credentials required. Impact: web interface becomes partially unavailable.
Summary generated and translated by AI from the official description.
Improper input validation in the user management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to cause a partial DoS of web interface via HTTP POST request.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://github.com/setersora/pe6208