Vulnerabilities > CVE-2023-29126 - Unspecified vulnerability in Enelx Waybox PRO Firmware

CVSS 8.8 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

enelx

NVD

Published: 2024-11-05

Updated: 2024-11-08

Summary

The Waybox Enel X web management application contains a PHP-type juggling vulnerability that may allow a brute force process and under certain conditions bypass authentication.

Vulnerable Configurations

Part	Description	Count
OS	Enelx Enelx Waybox PRO Firmware *	1
Hardware	Enelx Enelx Waybox PRO 3.0	1

References

https://support-emobility.enelx.com/content/dam/enelxmobility/italia/documenti/manuali-schede-tecniche/Waybox-3-Security-Bulletin-06-2024-V1.pdf