What the vulnerability does
01Description
Under certain circumstances IQ Panel4 and IQ4 Hub panel software prior to version 4.4.2 could allow unauthorized access to settings.
CVE-2024-0242
HIGH
CVE-2024-0242: Unauthorized access to settings in Qolsys IQ Panel 4 and IQ4 Hub
CVSS base score
7.3/10
CVSS vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H
Key dates
02Disclosure timeline
February 8, 2024
CVE published
August 1, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-45388 Arbitrary file read in the `/api/v2/simulation` endpoint in hoverfly (`GHSL-2023-274`)
CVE-2023-26108
CVE-2025-53624 docusaurus-plugin-content-gists Exposes GitHub Personal Access Token
CVE-2024-1643 Unauthorized Organization Access in lunary-ai/lunary
CVE-2023-47222 Media Streaming add-on
