Improper-Authentication Vulnerability in TN-5900 Series Firmware v3.3 and Prior

Improper-Authentication Vulnerability in TN-5900 Series Firmware v3.3 and Prior

CVE-2023-33237 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication vulnerability. This vulnerability arises from inadequate authentication measures implemented in the web API handler, allowing low-privileged APIs to execute restricted actions that only high-privileged APIs are allowed This presents a potential risk of unauthorized exploitation by malicious actors. 

Learn more about our Web App Pen Testing.