What the vulnerability does
01Description
Waybox Enel TCF Agent service could be used to get administrator’s privileges over the Waybox system.
CVE-2023-29121
CRITICAL
CVE-2023-29121: Exposed TCF agent service in Enel X Juicebox
CVSS base score
9.6/10
CVSS vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Key dates
02Disclosure timeline
November 5, 2024
CVE published
November 5, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-39758
CVE-2023-1832 Improper authorization check in the server component
CVE-2026-3668 Freedom Factory dGEN1 org.ethosmobile.webpwaemul AndroidEthereum access control
CVE-2021-34795 Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities
CVE-2025-47993 Microsoft PC Manager Elevation of Privilege Vulnerability
