Vulnerabilities > CVE-2023-2759 - Unspecified vulnerability in Taphome Core Firmware

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

taphome

NVD

Published: 2023-07-17

Updated: 2024-11-21

Summary

A hidden API exists in TapHome's core platform before version 2023.2 that allows an authenticated, low privileged user to change passwords of other users without any prior knowledge. The attacker may gain full access to the device by using this vulnerability.

Vulnerable Configurations

Part	Description	Count
OS	Taphome Taphome Core Firmware -	1
Hardware	Taphome Taphome Core -	1

References

https://claroty.com/team82/disclosure-dashboard/cve-2023-2759
https://claroty.com/team82/disclosure-dashboard/cve-2023-2759