CVE-2023-23590 Information

Description

Mercedes-Benz XENTRY Retail Data Storage 7.8.1 allows remote attackers to cause a denial of service (device restart) via an unauthenticated API request. The attacker must be on the same network as the device.

Reference

https://medium.com/@windsormoreira/xentry-retail-data-storage-v7-8-1-denial-of-service-cve-2023-23590-60b65f5fa358 https://b2bconnect.mercedes-benz.com/gb/workshop-solutions/diagnosis/retail-data-storage