Multiple vulnerabilities in EuroTel ETL3100 Radio Transmitter
| Risk | High |
| Patch available | NO |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2023-6928 CVE-2023-6929 CVE-2023-6930 |
| CWE-ID | CWE-307 CWE-639 CWE-284 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #3 is available. |
| Vulnerable software |
ETL3100 Hardware solutions / Firmware |
| Vendor | Eurotel |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Improper Restriction of Excessive Authentication Attempts
EUVDB-ID: #VU84597
Risk: High
CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2023-6928
CWE-ID:
CWE-307 - Improper Restriction of Excessive Authentication Attempts
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to improper restriction of excessive authentication attempts. A remote attacker can perform a brute-force attack on the system and guess administrative credentials.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsETL3100: 01c01 - 01x37
CPE2.3 External linkshttps://www.cisa.gov/news-events/ics-advisories/icsa-23-353-05
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Authorization bypass through user-controlled key
EUVDB-ID: #VU84599
Risk: High
CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2023-6929
CWE-ID:
CWE-639 - Authorization Bypass Through User-Controlled Key
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to insecure direct object references when the application provides direct access to objects based on user-supplied input. A remote attacker can bypass authorization, access the hidden resources on the system and execute privileged functionalities.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsETL3100: 01c01 - 01x37
CPE2.3 External linkshttps://www.cisa.gov/news-events/ics-advisories/icsa-23-353-05
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Improper access control
EUVDB-ID: #VU84600
Risk: High
CVSSv4.0: 7.8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2023-6930
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to unauthenticated configuration and log download issue. A remote attacker can bypass implemented security restrictions and gain unauthorized access to the application.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsETL3100: 01c01 - 01x37
CPE2.3 External linkshttps://www.cisa.gov/news-events/ics-advisories/icsa-23-353-05
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
