Unrated severityNVD Advisory· Published Oct 23, 2023· Updated Aug 2, 2024

Viessmann Vitogate 300 direct request

CVE-2023-5702

Description

A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/. The manipulation leads to direct request. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-243140. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Carrier/Vitogate 300llm-fuzzy
Range: <=2.1.3.0
Viessmann/Vitogate 300v5
Range: 2.1.0

Patches

Vulnerability mechanics

References

github.com/GTA12138/vul/blob/main/Viessmann/Vitogate300_Document_Unauthorized_Access.mdmitreexploit
vuldb.commitresignaturepermissions-required
vuldb.commitrevdb-entry

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.012
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000