CVE-2023-5881 Unauthenticated access permitted to web interface page "Garage Door Control Module Setup"

2024-01-0319:22:08

CWE-306

rapid7

www.cve.org

cve-2023-5881

web interface

genie company aladdin connect

retrofit-kit

garage door

ssid settings

AI Score

8.4

Confidence

High

EPSS

0.001

Percentile

37.2%

JSON

Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect (Retrofit-Kit Model ALDCM) “Garage Door Control Module Setup” and modify the Garage door’s SSID settings.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "RTOS"
    ],
    "product": "Aladdin Connect (Retrofit-Kit)",
    "vendor": "The Genie Company",
    "versions": [
      {
        "lessThanOrEqual": "<=14.1.1",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]