How severe is CVE-2021-33842?

CVE-2021-33842 has a CVSS v3 score of 8.8 (HIGH).

CVE-2021-33842

Name: sge-plc1000
Author: circutor

8.8HIGH

Improper Authentication vulnerability in the cookie parameter of Circutor SGE-PLC1000 firmware version 0.9.2b allows an attacker to perform operations as an authenticated user. In order to exploit thi

Published: 6/9/2021Updated: 11/21/2024

Description

Improper Authentication vulnerability in the cookie parameter of Circutor SGE-PLC1000 firmware version 0.9.2b allows an attacker to perform operations as an authenticated user. In order to exploit this vulnerability, the attacker must be within the network where the device affected is located.

AI AnalysisPowered by AI

Affected Products

circutorsge-plc1000_firmware

0.9.2b

circutorsge-plc1000

References

https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-improper-authentication
https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-improper-authentication