Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-23451

EPSS 0.35% · P57
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-23451

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number <=2311xxxx with Firmware <=V2.11.0, SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number <=2311xxxx with Firmware <=V2.11.0, SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number <=2311xxxx with Firmware <=V2.12.0, SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number <=2311xxxx all Firmware versions, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number <=2311xxxx all Firmware versions and SICK FX0-GMOD00010 FLEXISOFT MOD GW with serial number <=2311xxxx with Firmware <=V2.11.0 all have Telnet enabled by factory default. No password is set in the default configuration.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
对废弃函数的使用
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款SICK产品访问控制错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SICK FX0-GPNT00000是德国西克(SICK)公司的一款内置了以太网交换机的安全控制模块。 SICK Flexi Classic 、 Flexi Soft Gateways存在访问控制错误漏洞,该漏洞源于出厂默认启用 Telnet,默认配置中没有设置密码,以下产品和版本受到影响:SICK FX0-GENT000, SICK FX0-GENT0003000, SICK FX0-GMOD00000, SICK FX0-GMOD00010, SICK FX0-GPNT00000, SICK FX0-
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
N/ASICK FX0-GENT00000, SICK FX0-GENT00030, SICK FX0-GMOD00000, SICK FX0-GMOD00010, SICK FX0-GPNT00000, SICK FX0-GPNT00030, SICK UE410-EN1, SICK UE410-EN3, SICK UE410-EN3S04, SICK UE410-EN4 <=2311xxxx -

II. Public POCs for CVE-2023-23451

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2023-23451

登录查看更多情报信息。

Same Patch Batch · N/A · 2023-04-19 · 67 CVEs total

CVE-2021-0875Google Android 输入验证错误漏洞
CVE-2023-28122UI Desktop 安全漏洞
CVE-2023-22894Strapi 安全漏洞
CVE-2023-22893Strapi 授权问题漏洞
CVE-2023-29923PowerJob 安全漏洞
CVE-2023-29586Code Sector TeraCopy 安全漏洞
CVE-2023-29922PowerJob 安全漏洞
CVE-2021-0872Google Android 输入验证错误漏洞
CVE-2021-0873Google Android 输入验证错误漏洞
CVE-2021-0874Google Android 输入验证错误漏洞
CVE-2023-27777Sourcecodester Online Jewelry Shop 跨站脚本漏洞
CVE-2021-0876Google Android 输入验证错误漏洞
CVE-2021-0878Google Android 输入验证错误漏洞
CVE-2021-0879Google Android 输入验证错误漏洞
CVE-2021-0880Google Android 输入验证错误漏洞
CVE-2021-0881Google Android 输入验证错误漏洞
CVE-2021-0882Google Android 输入验证错误漏洞
CVE-2021-0883Google Android 输入验证错误漏洞
CVE-2021-0884Google Android 输入验证错误漏洞
CVE-2021-0885Google Android 输入验证错误漏洞

Showing top 20 of 67 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same vendor: N/A
Same weakness: CWE-477

V. Comments for CVE-2023-23451

No comments yet

Leave a comment