# CVE-2023-37835

### <mark style="color:yellow;">**Description**</mark>&#x20;

An Insecure Direct Object Reference (IDOR) in Elenos ETG150 FMtransmitter v3.12 allows attackers to bypass authorization and access resources in the system directly.

**Discoverer: Eslam Kamal (Strik3r)**

**Vendor of Product: Elenos**

**Affected Product: Elenos ETG150 FM transmitter - 3.12**

### <mark style="color:yellow;">Details</mark>

Find full details here:

### [<mark style="color:yellow;">POC</mark>](https://github.com/strik3r0x1/Vulns/blob/main/\(IDOR\)%20leads%20to%20events%20profiles%20access%20-%20Elenos.md)