1. Home
  2. CVE Database
  3. CVE-2023-41926
HIGH · 8.8

CVE-2023-41926

The webserver utilizes basic authentication for its user login to the configuration interface. As encryption is disabled on port 80, it enables potential eavesdropping on user traffic, making it possi...

Vulnerability Description

The webserver utilizes basic authentication for its user login to the configuration interface. As encryption is disabled on port 80, it enables potential eavesdropping on user traffic, making it possible to intercept their credentials.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Related Weaknesses (CWE)

CWE-522

References

FAQ

What is CVE-2023-41926?

CVE-2023-41926 is a vulnerability with a CVSS score of 8.8 (HIGH). The webserver utilizes basic authentication for its user login to the configuration interface. As encryption is disabled on port 80, it enables potential eavesdropping on user traffic, making it possi...

How severe is CVE-2023-41926?

CVE-2023-41926 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-41926?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.