Reboot or ERASE Devices at Risk of Data Loss and DoS
CVE-2024-35293
9.1CRITICAL
Summary
An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS.
Affected Version(s)
Series 700 <= 0.1.17.6
CVSS V3.1
Score:
9.1
Severity:
CRITICAL
Confidentiality:
None
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database
Credit
Felix Eberstaller and David Schauer from Limes Security