CVE-2023-24838 CRITICAL

CVE-2023-24838: HGiga PowerStation - Information Leakage

Vendor Hgiga

Product PowerStation

Weakness CWE-200 · Info exposure

Published March 27, 2023

Last update February 19, 2025

View on NVD All CVEs

CVSS base score

9.8/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

HGiga PowerStation has a vulnerability of Information Leakage. An unauthenticated remote attacker can exploit this vulnerability to obtain the administrator's credential. This credential can then be used to login PowerStation or Secure Shell to achieve remote code execution.

Key dates

02Disclosure timeline

March 27, 2023 CVE published

February 19, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-24838

Related vulnerabilities

Identifiers

CVE CVE-2023-24838

CWE CWE-200

CVSS 9.8 / CRITICAL

Affected versions