Arbitrary Account Creation in INTELBRAS SG 2404 Managed Switch
CVE-2022-43308
7.8HIGH
Summary
The INTELBRAS SG 2404 Managed Switch has a significant vulnerability that allows authenticated attackers to create Administrator accounts at will by manipulating user cookies. This could lead to unauthorized access and control over the network device, posing risks to the overall security and integrity of the network environment.
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved