CVE-2023-2759
CVSS V2 None
CVSS V3 None
Description
A hidden API exists in TapHome's core platform before version 2023.2 that allows an authenticated, low privileged user to change passwords of other users without any prior knowledge. The attacker may gain full access to the device by using this vulnerability.
Overview
- CVE ID
- CVE-2023-2759
- Assigner
- CERTVDE
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-07-17T06:14:15.872Z
- Last Modified Date
- 2023-07-17T06:14:15.872Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://claroty.com/team82/disclosure-dashboard/cve-2023-2759 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-2759 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2759 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-24 21:50:47 | Added to TrackCVE |