CVE-2023-43844

HIGH

Aten PE6208 <2.3.228-2.4.232 - Privilege Escalation

Title source: llm

Description

Aten PE6208 2.3.228 and 2.4.232 have default credentials for the privileged web interface account. The user is not asked to change the credentials after first login. If not changed, attackers can log in to the web interface and gain administrator privileges.

References (1)

[Exploit, Third Party Advisory] https://github.com/setersora/pe6208

View Exploit ZIP pw:eip

Scores

CVSS v3 8.0

EPSS 0.0017

EPSS Percentile 37.4%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-1392

Status published

Products (1)

aten/pe6208_firmware 2.3.228 - 2.4.239

Published May 28, 2024

Tracked Since Feb 18, 2026