Elenos

elenos

8 CVEs • 4 products

Products (4)

Click to collapse

Toggle

Etg150 Firmware

etg150_firmware

Etg150 Fm Firmware

etg150_fm_firmware

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-39695 1Elenos 1Etg150 Firmware Nov 21, 2024 Oct 31, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Insufficient session expiration in Elenos ETG150 FM Transmitter v3.12 allows attackers to arbitrarily change transmitter configuration and data after logging out.
CVE-2023-37833 1Elenos 1Etg150 Firmware Nov 21, 2024 Oct 31, 2023 N/A· v4 2.7 LOW· v3 N/A· v2 Improper access control in Elenos ETG150 FM transmitter v3.12 allows attackers to make arbitrary configuration edits that are only accessed by privileged users.
CVE-2023-37832 1Elenos 1Etg150 Firmware Nov 21, 2024 Oct 31, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A lack of rate limiting in Elenos ETG150 FM transmitter v3.12 allows attackers to obtain user credentials via brute force and cause other unspecified impacts.
CVE-2023-37831 1Elenos 1Etg150 Firmware Nov 21, 2024 Oct 31, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 An issue discovered in Elenos ETG150 FM transmitter v3.12 allows attackers to enumerate user accounts based on server responses when credentials are submitted.
CVE-2023-45396 1Elenos 1Etg150 Firmware Nov 21, 2024 Oct 11, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An Insecure Direct Object Reference (IDOR) vulnerability leads to events profiles access in Elenos ETG150 FM transmitter running on version 3.12.
CVE-2023-34673 1Elenos 1Etg150 Firmware Nov 21, 2024 Jun 23, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Elenos ETG150 FM transmitter running on version 3.12 was discovered to be leaking SMTP credentials and other sensitive information by exploiting the publicly accessible Memcached service. The attack can occur over the pu...Show more Elenos ETG150 FM transmitter running on version 3.12 was discovered to be leaking SMTP credentials and other sensitive information by exploiting the publicly accessible Memcached service. The attack can occur over the public Internet in some cases.Show less
CVE-2023-34672 1Elenos 1Etg150 Firmware Dec 5, 2024 Jun 23, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper Access Control leads to adding a high-privilege user affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role within the admin profile. An attack could occur over the public Inter...Show more Improper Access Control leads to adding a high-privilege user affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role within the admin profile. An attack could occur over the public Internet in some cases.Show less
CVE-2023-34671 1Elenos 1Etg150 Fm Firmware Nov 21, 2024 Jun 23, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper Access Control leads to privilege escalation affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role in the user profile. An attack could occur over the public Internet in some c...Show more Improper Access Control leads to privilege escalation affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role in the user profile. An attack could occur over the public Internet in some cases.Show less