What is GHSA-fhqm-w73x-978p?

GHSA-fhqm-w73x-978p is a security advisory published by GitHub Security Advisories with Critical severity. Incorrect access control in the /uci/get/ endpoint of NOVUS AirGate 4G firmware v1.1.16 allows...

Which CVE IDs does GHSA-fhqm-w73x-978p cover?

GHSA-fhqm-w73x-978p covers the following CVE IDs: CVE-2023-24215. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-fhqm-w73x-978p?

GHSA-fhqm-w73x-978p has a CVSS v3 base score of 9.1, published by GitHub Security Advisories.

GHSA-fhqm-w73x-978pCriticalCVSS 9.1

Incorrect access control in the /uci/get/ endpoint of NOVUS AirGate 4G firmware v1.1.16 allows...

Vendor

GitHub Security Advisories

Published

May 18, 2026

Last Modified

May 19, 2026

🔗 CVE IDs covered (1)

CVE-2023-24215 →

📋 Description

Incorrect access control in the /uci/get/ endpoint of NOVUS AirGate 4G firmware v1.1.16 allows unauthenticated attackers to obtain administrator credentials via a crafted POST request.

🔗 References (5)

https://nvd.nist.gov/vuln/detail/CVE-2023-24215
https://github.com/sql3t0/cve-disclosures/blob/main/00_-_CVE-2023-24215.md
http://airgate.com
http://novus.com
https://github.com/advisories/GHSA-fhqm-w73x-978p