CVE-2023-41354 MEDIUM

CVE-2023-41354: Chunghwa Telecom NOKIA G-040W-Q - Exposure of Sensitive Information

Vendor Chunghwa Telecom

Product NOKIA G-040W-Q

Weakness CWE-200 · Info exposure

Published November 3, 2023

Last update September 5, 2024

View on NVD All CVEs

CVSS base score

4.0/10

Attack vector Local

Attack complexity Low

Privileges required None

User interaction None

Confidentiality Low

Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Chunghwa Telecom NOKIA G-040W-Q Firewall function does not block ICMP TIMESTAMP requests by default, an unauthenticated remote attacker can exploit this vulnerability by sending a crafted package, resulting in partially sensitive information exposed to an actor.

Key dates

02Disclosure timeline

November 3, 2023 CVE published

September 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-41354

Related vulnerabilities

04Related CVE

CVE-2025-13804 nutzam NutzBoot Ethereum Wallet EthModule.java information disclosure CVE-2026-41520 Cillium exposes sensitive information included in the cilium-bugtool debug archive CVE-2025-52630 HCL AION is susceptible to Missing or insecure "X-Content-Type-Options" header vulnerability CVE-2023-51687 WordPress Product Catalog Simple Plugin <= 1.7.6 is vulnerable to Sensitive Data Exposure CVE-2021-29115 An information disclosure vulnerability