CVE-2023-5702

Summary

A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/. The manipulation leads to direct request. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-243140. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Affected Software

VendorProductVersion RangeStatus
ViessmannVitogate 3002.1.0affected
ViessmannVitogate 3002.1.1affected
ViessmannVitogate 3002.1.2affected
ViessmannVitogate 3002.1.3affected

Weaknesses

  • CWE-425: CWE-425 Direct Request

ADP Enrichment

CVE Program Container

Additional References

References