CVE Details
Basic Information
| Title | Lucky LM-520-SC/LM-520-FSC/LM-520-FSC-SAM missing authentication |
|---|---|
| Type | cve |
| Published | 2025-06-09T12:00:16.820Z |
| Last Seen |
Product Information
| Vendor | Lucky |
|---|---|
| Product | LM-520-SC |
| Version | 20250321 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A vulnerability in Lucky LM-520-SC, LM-520-FSC, and LM-520-FSC-SAM devices allows remote attackers to exploit missing authentication mechanisms. This could lead to unauthorized access. The vendor has not responded to disclosure attempts, and a public exploit is available. |
|---|---|
| AI Severity | Medium |
| Vendor | Lucky Technology Ltd |
| Product | LM-520-SC, LM-520-FSC, LM-520-FSC-SAM |
| Affected Version | 20250321 |
Affected Products
- Lucky LM-520-SC 20250321
- Lucky LM-520-FSC 20250321
- Lucky LM-520-FSC-SAM 20250321
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-306, CWE-287 |
| Bulletin Family |
References
Description
A vulnerability classified as problematic was found in Lucky LM-520-SC, LM-520-FSC and LM-520-FSC-SAM up to 20250321. Affected by this vulnerability is an unknown functionality. The manipulation leads to missing authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.