Elenos Etg150 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Elenos Etg150 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2023-34672 — CVSS 8.8 (high): Improper Access Control leads to adding a high-privilege user affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting…
CVE-2023-37832 — CVSS 7.5 (high): A lack of rate limiting in Elenos ETG150 FM transmitter v3.12 allows attackers to obtain user credentials via brute force and cause other…
CVE-2023-34673 — CVSS 6.5 (medium): Elenos ETG150 FM transmitter running on version 3.12 was discovered to be leaking SMTP credentials and other sensitive information by…
CVE-2023-45396 — CVSS 6.5 (medium): An Insecure Direct Object Reference (IDOR) vulnerability leads to events profiles access in Elenos ETG150 FM transmitter running on version…
CVE-2023-37831 — CVSS 5.3 (medium): An issue discovered in Elenos ETG150 FM transmitter v3.12 allows attackers to enumerate user accounts based on server responses when…
CVE-2023-39695 — CVSS 5.3 (medium): Insufficient session expiration in Elenos ETG150 FM Transmitter v3.12 allows attackers to arbitrarily change transmitter configuration and…
CVE-2023-37833 — CVSS 2.7 (low): Improper access control in Elenos ETG150 FM transmitter v3.12 allows attackers to make arbitrary configuration edits that are only accessed…