Vulnerabilities > CVE-2023-29116 - Unspecified vulnerability in Enelx Waybox PRO Firmware

CVSS 4.3 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

low complexity

enelx

NVD

Published: 2024-11-05

Updated: 2024-11-08

Summary

Under certain conditions, through a request directed to the Waybox Enel X web management application, information like Waybox OS version or service configuration details could be obtained.

Vulnerable Configurations

Part	Description	Count
OS	Enelx Enelx Waybox PRO Firmware *	1
Hardware	Enelx Enelx Waybox PRO 3.0	1

References

https://support-emobility.enelx.com/content/dam/enelxmobility/italia/documenti/manuali-schede-tecniche/Waybox-3-Security-Bulletin-06-2024-V1.pdf