CVE-2023-43848

HIGH

Aten PE6208 <2.4.232 - Privilege Escalation

Title source: llm

Description

Incorrect access control in the firewall management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to alter local firewall settings of the device as if they were the administrator via HTTP POST request.

References (1)

Core 1

Core References

Exploit, Third Party Advisory

https://github.com/setersora/pe6208

View Exploit ZIP pw:eip

Scores

CVSS v3 8.0

EPSS 0.0045

EPSS Percentile 36.2%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-284

Status published

Products (1)

aten/pe6208_firmware 2.3.228 - 2.4.239

Published May 28, 2024

Tracked Since Feb 18, 2026