CVE-2023-41926

HIGH

Webserver <unknown> - Info Disclosure

Title source: llm

Description

The webserver utilizes basic authentication for its user login to the configuration interface. As encryption is disabled on port 80, it enables potential eavesdropping on user traffic, making it possible to intercept their credentials.

References (1)

[Various Sources] https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273

Scores

CVSS v3 8.8

EPSS 0.0013

EPSS Percentile 32.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-522

Status draft

Timeline

Published Jul 02, 2024

Tracked Since Feb 18, 2026