ByteOS Network

CVE Vulnerability Details :

CVE-2023-49262

PUBLISHED

More Info Official Page

Assigner-CERT-PL

Assigner Org ID-4bb8329e-dd38-46c1-aafb-9bf32bcb93c6

Published At-12 Jan, 2024 | 14:25

Updated At-03 Jun, 2025 | 14:04

▼CVE Numbering Authority (CNA)

Buffer overflow vulnerability in Cookie authentication field

The authentication mechanism can be bypassed by overflowing the value of the Cookie "authentication" field, provided there is an active user session.

Affected Products

Vendor

Hongdian

Product

H8951-4G-ESP

Default Status

unaffected

Versions

Affected

From 0 before 2310271149 (custom)

Problem Types

Type	CWE ID	Description
CWE	CWE-190	CWE-190 Integer Overflow or Wraparound

Impacts

CAPEC ID	Description
CAPEC-115	CAPEC-115 Authentication Bypass

Credits

finder

Robert Pogorzelski (SEQRED)

References

Hyperlink	Resource
https://cert.pl/en/posts/2024/01/CVE-2023-49253/	third-party-advisory
https://cert.pl/posts/2024/01/CVE-2023-49253/	third-party-advisory

▼Authorized Data Publishers (ADP)

1. CVE Program Container

References

Hyperlink	Resource
https://cert.pl/en/posts/2024/01/CVE-2023-49253/	third-party-advisory x_transferred
https://cert.pl/posts/2024/01/CVE-2023-49253/	third-party-advisory x_transferred

2. CISA ADP Vulnrichment

Metrics

Version	Base score	Base severity	Vector
3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References