MEDIUM🇬🇧 English

CVE-2023-41354

CVSS 4.0v3.1pub. 2023-11-03upd. 2024-11-21

Chunghwa Telecom NOKIA G-040W-Q Firewall function does not block ICMP TIMESTAMP requests by default, an unauthenticated remote attacker can exploit this vulnerability by sending a crafted package, resulting in partially sensitive information exposed to an actor.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  • Nokia G 040w Q

    HW
    Nokia
    wszystkie wersje
  • Nokia G 040w Q Firmware

    OS
    Nokia
    g040wqr201207
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Firewall
CWE
Referencje

Powiązane podatności

CVE-2023-41351CRITICAL9.8ten sam produkt

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of authentication bypass, which allows an unauthenticated ...

CVE-2023-41355CRITICAL9.8ten sam produkt

Chunghwa Telecom NOKIA G-040W-Q Firewall function has a vulnerability of input validation for ICMP redirect me...

CVE-2023-41350HIGH7.5ten sam produkt

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient measures to prevent multiple failed authen...

CVE-2023-41352HIGH7.2ten sam produkt

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient filtering for user input. A remote attacke...

CVE-2023-41353HIGH8.8ten sam produkt

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote attacker with regu...