CVE-2023-48252 HIGH

CVE-2023-48252

Vendor Rexroth
Product Nexo cordless nutrunner NXA015S-36V (0608842001)
Weakness CWE-285
Published January 10, 2024
Last update June 17, 2025
View on NVD All CVEs

CVSS base score

8.8/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

The vulnerability allows an authenticated remote attacker to perform actions exceeding their authorized access via crafted HTTP requests.

Key dates

02Disclosure timeline

January 10, 2024 CVE published
June 17, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-2589 code-projects Human Resource Management System Account.go Index improper authorization CVE-2023-5675 Quarkus: authorization flaw in quarkus resteasy reactive and classic when "quarkus.security.jaxrs.deny-unannotated-endpoints" or "quarkus.security.jaxrs.default-roles-allowed" properties are used. CVE-2021-42336 Huachu Digital Technology Co.,Ltd. Easytest - Improper Authorization CVE-2026-10272 a4m4 Student-Management-System deleteform.php improper authorization CVE-2026-47298 Microsoft SharePoint Server Remote Code Execution Vulnerability