Insecure Permissions in GARO Wallbox GLB/GTB/GTC Settings Page Allows for Man-in-the-Middle Attack

Insecure Permissions in GARO Wallbox GLB/GTB/GTC Settings Page Allows for Man-in-the-Middle Attack

CVE-2023-30399 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack.

Learn more about our User Device Pen Test.