CNNVD-202509-3758 Information
CNNVD ID
CNNVD-202509-3758
Related CVE
- CNNVD Published: 2025-09-23
Description (Chinese)
Viessmann Vitogate 300是德国Viessmann公司的一款通信网关。 Viessmann Vitogate 300存在安全漏洞,该漏洞源于未实施正确的服务器端身份验证且依赖前端身份验证控制,可能导致攻击者通过修改浏览器开发者工具中的HTML元素绕过登录限制并获取设备完全控制权。
Description (English)
Viessmann Vitogate 300 is a communications gateway for Viessmann, Germany. Viessmann Vitogate 300 has a security loophole, which stems from the failure to implement proper server-end identification and reliance on front-end identification controls, which may lead the assailant to bypass the login restrictions and take full control of the equipment by modifying the HTML elements in the browser developers tool.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Viessmann
Published
2025-09-23
Last Modified
2026-02-24
References
https://www.corporate.carrier.com/product-security/advisories-resources/
Patch
https://www.corporate.carrier.com/product-security/advisories-resources/
Share on: