{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T08:32:22.684","vulnerabilities":[{"cve":{"id":"CVE-2023-0750","sourceIdentifier":"vulnerability@ncsc.ch","published":"2023-04-06T14:15:07.913","lastModified":"2024-11-21T07:37:45.130","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Yellobrik PEC-1864 implements authentication checks via javascript in the frontend interface.  When the device can be accessed over the network an attacker could bypass authentication.\n\n\n\n\nThis would allow an attacker to : \n- Change the password, resulting in a DOS of the users\n\n- Change the streaming source, compromising the integrity of the stream\n\n- Change the streaming destination, compromising the confidentiality of the stream\n\n\n\n\n\n\n\n\nThis issue affects Yellowbrik: PEC 1864. No patch has been issued by the manufacturer as this model was discontinued.\n\n\n\n\n\n\n\n\n\n\n\n\n"}],"metrics":{"cvssMetricV31":[{"source":"vulnerability@ncsc.ch","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"vulnerability@ncsc.ch","type":"Secondary","description":[{"lang":"en","value":"CWE-602"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-311"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:lynx-technik:yellobrik_pec_1864_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"77D15174-B673-4FC9-A6A1-3AFCF7887840"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:lynx-technik:yellobrik_pec_1864:-:*:*:*:*:*:*:*","matchCriteriaId":"3DE5B4F1-4DFB-4FD3-92D5-43152E93ACAD"}]}]}],"references":[{"url":"https://support.lynx-technik.com/support/solutions/articles/1000317081-pec-1864-web-ui-for-configuration","source":"vulnerability@ncsc.ch","tags":["Vendor Advisory"]},{"url":"https://support.lynx-technik.com/support/solutions/articles/1000317081-pec-1864-web-ui-for-configuration","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}