Multilaser Sirius Password Change Handler Improper Authentication Vulnerability

Vulnerability

A critical vulnerability has been identified in the Multilaser Sirius RE016 MLT1.0 model, specifically within an unknown function of the file '/cgi-bin/cstecgi.cgi', which handles password changes. This vulnerability allows for improper authentication and can be exploited remotely. The issue has been publicly disclosed, and the vendor was contacted prior to this disclosure but did not respond.

Impact

Exploitation of this vulnerability allows for improper authentication, potentially leading to unauthorized access or actions within the application.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Multilaser Sirius Password Change Handler Improper Authentication Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating