Vulnerability Description
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by incorrect access control. Lack of access control on the web manger pages allows any user to view and modify information.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Garo | Wallbox Gtb Firmware | <= 185 |
| Garo | Wallbox Gtb | - |
| Garo | Wallbox Gtc Firmware | <= 185 |
| Garo | Wallbox Gtc | - |
| Garo | Wallbox Glb Firmware | <= 185 |
| Garo | Wallbox Glb | - |
Related Weaknesses (CWE)
References
- https://github.com/delikely/advisory/tree/main/GAROThird Party Advisory
- https://github.com/delikely/advisory/tree/main/GAROThird Party Advisory
FAQ
What is CVE-2021-45878?
CVE-2021-45878 is a vulnerability with a CVSS score of 9.1 (CRITICAL). Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by incorrect access control. Lack of access control on the web manger pages allows any user to view and modify information.
How severe is CVE-2021-45878?
CVE-2021-45878 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-45878?
Check the references section above for vendor advisories and patch information. Affected products include: Garo Wallbox Gtb Firmware, Garo Wallbox Gtb, Garo Wallbox Gtc Firmware, Garo Wallbox Gtc, Garo Wallbox Glb Firmware.