CVE-2023-33274 Information

Description

The authentication mechanism in PowerShield SNMP Web Pro 1.1 contains a vulnerability that allows unauthenticated users to directly access Common Gateway Interface (CGI) scripts without proper identification or authorization. This vulnerability arises from a lack of proper cookie verification and affects all instances of SNMP Web Pro 1.1 without HTTP Digest authentication enabled regardless of the password used for the web interface.

Reference

https://gist.github.com/pedromonteirobb/a0584095b46141702c8cae0f3f1b6759