CVE-2023-34673

Elenos ETG150 FM transmitter running on version 3.12 was discovered to be leaking SMTP credentials and other sensitive information by exploiting the publicly accessible Memcached service. The attack can occur over the public Internet in some cases.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
VendorProductVersion
elenosetg150_firmware
3.12
𝑥
= Vulnerable software versions
References
http://elenos.com
https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-34673
http://elenos.com
https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-34673