Is CVE-2023-43134 actively exploited?

CVE-2023-43134 has no public evidence of in-the-wild exploitation as of 2024-11-21.

What is the CVSS score for CVE-2023-43134?

CVE-2023-43134 has a CVSS score of 9.8 (CRITICAL severity). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

How do I patch CVE-2023-43134?

Patch guidance is available from netis-systems security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2023-43134.

Which products are affected by CVE-2023-43134?

1 product: netis-systems 360r firmware.

Fix CVE-2023-43134 - CRITICAL netis-systems 360r firmware

Description

There is an unauthorized access vulnerability in Netis 360RAC1200 v1.3.4517, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management.

CVSS Metrics

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: network
Complexity: low
Privileges: none
User Action: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
Weaknesses: CWE-862 · Missing Authorization

Metadata

Primary Vendor: NETIS-SYSTEMS
Published: 9/20/2023
Last Modified: 11/21/2024
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

CVE-2023-43134

Description

CVSS Metrics

Metadata

Affected Products

Remediation Guidance

Executive Summary