Vulnerabilities > Sielco > Analog FM Transmitter Exc1000Gx Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-26 | CVE-2023-41966 | Improper Privilege Management vulnerability in Sielco products The application suffers from a privilege escalation vulnerability. | 8.8 |
| 2023-10-26 | CVE-2023-42769 | Improper Restriction of Excessive Authentication Attempts vulnerability in Sielco products The cookie session ID is of insufficient length and can be exploited by brute force, which may allow a remote attacker to obtain a valid session, bypass authentication, and manipulate the transmitter. | 9.8 |
| 2023-10-26 | CVE-2023-45228 | Unspecified vulnerability in Sielco products The application suffers from improper access control when editing users. A user with read permissions can manipulate users, passwords, and permissions by sending a single HTTP POST request with modified parameters. | 6.5 |
| 2023-10-26 | CVE-2023-45317 | Cross-Site Request Forgery (CSRF) vulnerability in Sielco products The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. | 8.8 |