Key Information Summary Vulnerability Title: Tinycontrol LAN Controller v3 (LK3) Remote Denial Of Service Exploit Advisory ID: ZSL-2023-5785 Type: Local/Remote Impact: Security Bypass, DoS Risk Level: 4/5 Release Date: 2023-08-31 Vulnerability Description The affected device contains an unauthenticated remote denial-of-service vulnerability. Attackers can directly send requests to the page, causing the device to reboot. Additionally, attackers can reset the device’s factory settings. Affected Vendors and Versions Vendor: Tinycontrol - https://www.tinycontrol.pl Affected Versions: <=1.58a, HW 3.8 Vendor Status 2023-08-18: Vulnerability discovered 2023-08-19: Vendor contacted 2023-08-30: No response received from vendor 2023-08-31: Security advisory publicly released Reference Links 1. Packet Storm Security 2. CXSecurity 3. ExploitDB 4. X-Force IBM 5. VulnCheck 6. CVE