汇总 connectize 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
已披露问题常与 跨站脚本与CSRF 相关,可能在 生产负载与软件部署 场景中带来 会话劫持 等暴露风险。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2023-24052 | An issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain control of the device via the change password functionality as it does not prompt for the current password. | [email protected] | 9.8 | 0.73% | 2023-12-04 | 2026-06-17 |
| CVE-2023-24051 | A client side rate limit issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges via brute force style attacks. | [email protected] | 9.8 | 0.73% | 2023-12-04 | 2026-06-17 |
| CVE-2023-24050 | Cross Site Scripting (XSS) vulnerability in Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary code via crafted string when setting the Wi-Fi password in the admin panel. | [email protected] | 5.4 | 0.43% | 2023-12-04 | 2026-06-17 |
| CVE-2023-24049 | An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges on the device via poor credential management. | [email protected] | 9.8 | 0.73% | 2023-12-04 | 2026-06-17 |
| CVE-2023-24048 | Cross Site Request Forgery (CSRF) vulnerability in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain control of the device via crafted GET request to /man_password.htm. | [email protected] | 8.8 | 0.35% | 2023-12-04 | 2026-06-17 |
| CVE-2023-24047 | An Insecure Credential Management issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges via use of weak hashing algorithm. | [email protected] | 6.8 | 0.37% | 2023-12-04 | 2026-06-17 |
| CVE-2023-24046 | An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary commands via use of a crafted string in the ping utility. | [email protected] | 6.8 | 0.62% | 2023-12-04 | 2026-06-17 |