CVE-2024-8887

CRITICAL

Circutor Q-smt Firmware - Denial of Service

Title source: rule

Description

CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS) attack if an attacker with access to the web service bypasses the authentication mechanisms on the login page, allowing the attacker to use all the functionalities implemented at web level that allow interacting with the device.

References (1)

[Third Party Advisory] https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-circutor-products

Scores

CVSS v3 10.0

EPSS 0.0007

EPSS Percentile 22.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-1284

Status published

Products (1)

circutor/q-smt_firmware 1.0.4

Published Sep 18, 2024

Tracked Since Feb 18, 2026