CVE-2023-6930
CRITICALEuroTel ETL3100 v01c01 and v01x37 - Unauthenticated Sensitive Information Disclosure via Configuration and Log Download
Title source: llmDescription
EuroTel ETL3100 versions v01c01 and v01x37 suffer from an unauthenticated configuration and log download vulnerability. This enables the attacker to disclose sensitive information and assist in authentication bypass, privilege escalation, and full system access.
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource government-resource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-05
Scores
CVSS v3
9.4
EPSS
0.0082
EPSS Percentile
52.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-284
Status
published
Products (2)
eurotel/etl3100_firmware
01c01
eurotel/etl3100_firmware
01x37
Published
Dec 19, 2023
Tracked Since
Feb 18, 2026