Unrated severityNVD Advisory· Published Feb 23, 2023· Updated Mar 12, 2025
CVE-2023-26462
CVE-2023-26462
Description
ThingsBoard 3.4.1 could allow a remote attacker to gain elevated privileges because hard-coded service credentials (usable for privilege escalation) are stored in an insecure format. (To read this stored data, the attacker needs access to the application server or its source code.)
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: = 3.4.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.