CVE-2023-43847

Severity CVSS v4.0:
Pending analysis
Type:
CWE-284 Improper Access Control
Publication date:
28/05/2024
Last modified:
30/05/2025

Description

Incorrect access control in the outlet control function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to control all the outlets as if they were the administrator via HTTP POST requests.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:aten:pe6208_firmware:*:*:*:*:*:*:*:* 2.3.228 (including) 2.4.239 (excluding)
cpe:2.3:h:aten:pe6208:-:*:*:*:*:*:*:*