Floragasse 7 – 5th floor, 1040 Vienna
Subscribe to our Newsletter

News

SBA Security Advisory – MOKOSmart MKGW1 Gateway – Improper Session Management (CVE-2023-51059)

Vulnerability Overview

MOKOSmart MKGW1 Gateway devices with firmware version 1.1.1 do not provide an adequate session management for the administrative web interface. This allows adjacent attackers with access to the management network to read and modify the configuration of the device.

  • Type of Vulnerability: Improper Authentication
  • CVE ID: CVE-2023-51059
  • CVSSv3.1 Vector: AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • CVSSv3.1 Base Score: 8.0 (High)

Links

Full Security Advisory

Credits