Vulnerability Description
An issue in MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway v.1.1.1 and before allows a remote attacker to escalate privileges via the session management component of the administrative web interface.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mokosmart | Mkgw1 Gateway Firmware | <= 1.1.1 |
| Mokosmart | Mkgw1 Gateway | - |
References
- https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220120-01_MExploitThird Party Advisory
- https://www.mokosmart.com/wp-content/uploads/2019/10/GS-gateway.pdfProduct
- http://seclists.org/fulldisclosure/2024/Jan/6
- https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220120-01_MExploitThird Party Advisory
- https://www.mokosmart.com/wp-content/uploads/2019/10/GS-gateway.pdfProduct
FAQ
What is CVE-2023-51059?
CVE-2023-51059 is a vulnerability with a CVSS score of 8.8 (HIGH). An issue in MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway v.1.1.1 and before allows a remote attacker to escalate privileges via the session management component of the administrative web interface.
How severe is CVE-2023-51059?
CVE-2023-51059 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-51059?
Check the references section above for vendor advisories and patch information. Affected products include: Mokosmart Mkgw1 Gateway Firmware, Mokosmart Mkgw1 Gateway.