CVE-2023-0102 CRITICAL

CVE-2023-0102: CVE-2023-0102

Vendor Ls Electric
Product XBC-DN32U
Weakness CWE-306 · Missing auth
Published February 15, 2023
Last update January 16, 2025

CVSS base score

9.1/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

What the vulnerability does

01Description

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication for its deletion command. This could allow an attacker to delete arbitrary files.

Key dates

02Disclosure timeline

February 15, 2023 CVE published
January 16, 2025 Record updated

Related vulnerabilities

04Related CVE