Unencrypted HTTP Connection in Akuvox E11 Cloud Login Allows Unauthorized Access

Unencrypted HTTP Connection in Akuvox E11 Cloud Login Allows Unauthorized Access

CVE-2023-0346 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Akuvox E11 cloud login is performed through an unencrypted HTTP connection. An attacker could gain access to the Akuvox cloud and device if the MAC address of a device if known.

Learn more about our Cloud Audit.