GCVE - cpe:2.3:o:sielco:analog_fm_transmitter_exc1000gx

Approved changes feed: RSS · Atom

cpe:2.3:o:sielco:analog_fm_transmitter_exc1000gx_firmware:-:*:*:*:*:*:*:*

part: o version: - update: *

Vendor	Sielco (`a8a62961-1802-5665-af0e-9c7645696d18`)
Product	Analog Fm Transmitter Exc1000Gx Firmware (`3d6e0197-673a-54ed-a110-c9cdacbd74af`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-45317`	vulnerable	2026-06-03 14:53:07.930348	Sielco Radio Link and Analog FM Transmitters Cross-Site Request Forgery HIGH (8.8) The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. Published: 2023-10-26T16:17:37.365Z Updated: 2025-01-16T21:28:15.955Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-08 https://www.sielco.org/en/contacts	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-45228`	vulnerable	2026-06-03 14:53:07.827564	Sielco Radio Link and Analog FM Transmitters Improper Access Control MEDIUM (6.5) The application suffers from improper access control when editing users. A user with read permissions can manipulate users, passwords, and permissions by sending a single HTTP POST request with modified parameters. Published: 2023-10-26T16:19:41.642Z Updated: 2025-01-16T21:28:09.489Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-08 https://www.sielco.org/en/contacts	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-42769`	vulnerable	2026-06-03 14:52:54.083000	Sielco Radio Link and Analog FM Transmitters Improper Access Control CRITICAL (9.8) The cookie session ID is of insufficient length and can be exploited by brute force, which may allow a remote attacker to obtain a valid session, bypass authentication, and manipulate the transmitter. Published: 2023-10-26T16:15:17.707Z Updated: 2025-01-16T21:28:22.775Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-08 https://www.sielco.org/en/contacts	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-41966`	vulnerable	2026-06-03 14:52:52.861000	Sielco Radio Link and Analog FM Transmitters Privilege Defined With Unsafe Actions MEDIUM (6.5) The application suffers from a privilege escalation vulnerability. A user with read permissions can elevate privileges by sending a HTTP POST to set a parameter. Published: 2023-10-26T16:21:56.412Z Updated: 2025-01-16T21:28:02.298Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-08 https://www.sielco.org/en/contacts	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Sielco Analog FM Transmitter EXC1000GX Firmware

PURL mappings

Vulnerability references

Contribute