What is CVE-2023-41353?

CVE-2023-41353 is a vulnerability in Chunghwa Telecom NOKIA G-040W-Q which has weak password requirements, allowing a remote attacker to infer the administrator password and gain admin access.

How severe is CVE-2023-41353?

CVE-2023-41353 has a severity rating of 8.8 (high).

How can a remote attacker exploit CVE-2023-41353?

A remote attacker with regular user privilege can log in to the system, infer the administrator password from system information, and then gain admin access.

What is the impact of CVE-2023-41353?

The impact of CVE-2023-41353 is that the attacker can perform arbitrary system operations or disrupt services.

Is there a fix for CVE-2023-41353?

It is recommended to update the firmware of the Chunghwa Telecom NOKIA G-040W-Q device to a version that addresses the weak password requirements vulnerability.

Vulnerability/
CVE-2023-41353

high

8.8

CWE

521

3/11/2023

6/9/2024

CVE-2023-41353: Chunghwa Telecom NOKIA G-040W-Q - Weak Password Requirements

First published: Fri Nov 03 2023(Updated: )

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote attacker with regular user privilege can easily infer the administrator password from system information after logging system, resulting in admin access and performing arbitrary system operations or disrupt service.

Credit: twcert@cert.org.tw

Affected Software	Affected Version	How to fix
Nokia G-040w-q Firmware	=g040wqr201207
NOKIA G-040W-Q

Remedy

Update version to G040WQR231013.

Never miss a vulnerability like this again

Reference Links

https://www.twcert.org.tw/tw/cp-132-7503-a27ed-1.html

Frequently Asked Questions

What is CVE-2023-41353?
CVE-2023-41353 is a vulnerability in Chunghwa Telecom NOKIA G-040W-Q which has weak password requirements, allowing a remote attacker to infer the administrator password and gain admin access.
How severe is CVE-2023-41353?
CVE-2023-41353 has a severity rating of 8.8 (high).
How can a remote attacker exploit CVE-2023-41353?
A remote attacker with regular user privilege can log in to the system, infer the administrator password from system information, and then gain admin access.
What is the impact of CVE-2023-41353?
The impact of CVE-2023-41353 is that the attacker can perform arbitrary system operations or disrupt services.
Is there a fix for CVE-2023-41353?
It is recommended to update the firmware of the Chunghwa Telecom NOKIA G-040W-Q device to a version that addresses the weak password requirements vulnerability.

collector/nvd-api
agent/type
agent/event
agent/softwarecombine
agent/first-publish-date
agent/weakness
agent/title
agent/references
agent/author
agent/remedy
agent/severity
agent/tags
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
vendor/nokia
canonical/nokia g-040w-q firmware
version/nokia g-040w-q firmware/g040wqr201207
canonical/nokia g-040w-q

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.