Vulnerabilities > CVE-2022-46308 - Unspecified vulnerability in Sguda U-Lock Firmware

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

sguda

NVD

Published: 2023-06-02

Updated: 2024-11-21

Summary

SGUDA U-Lock central lock control service’s user management function has incorrect authorization. A remote attacker with general user privilege can exploit this vulnerability to call privileged APIs to access, modify and delete user information.

Vulnerable Configurations

Part	Description	Count
OS	Sguda Sguda U Lock Firmware -	1
Hardware	Sguda Sguda U Lock -	1

References

https://www.twcert.org.tw/tw/cp-132-7100-7a15c-1.html
https://www.twcert.org.tw/tw/cp-132-7100-7a15c-1.html