#VU73250 Missing Authentication for Critical Function in Akuvox E11 - CVE-2023-0354
Published: March 13, 2023
Vulnerability identifier: #VU73250
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2023-0354
CWE-ID: CWE-306
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vulnerable software:
Akuvox E11
Akuvox E11
Software vendor:
Akuvox
Akuvox
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to missing authentication for a critical function. A remote attacker on the local network can execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Remediation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.