CVE-2023-39809
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Aug 21, 2023
Updated: Aug 24, 2023
CWE ID 77
Summary
CVE-2023-39809 is a newly disclosed vulnerability affecting N.V.K.INTER CO., LTD.'s iBSG v3.5. This issue allows an attacker to inject commands through the system_hostname parameter found in /manage/network-basic.php, potentially leading to serious system compromises. Successful exploitation of this vulnerability could enable an attacker to execute arbitrary code and gain elevated privileges, posing a significant risk to impacted systems. Organizations running iBSG v3.5 are urged to apply the necessary patches as soon as possible to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- nVki