CVE-2023-24215
Published
CVSS v3
9.1
CRITICAL
CVSS v2
N/A
Affected
1
PROJECT
Description
Incorrect access control in the /uci/get/ endpoint of NOVUS AirGate 4G firmware v1.1.16 allows unauthenticated attackers to obtain administrator credentials via a crafted POST request.
Collection of CVEs and security advisories discovered and responsibly disclosed by Sql3t0, including technical details, impact assessment, and mitigation guidance.
GitHub