CVE-2023-45599

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Mar 5, 2024

CWE ID 646

Summary

CVE-2023-45599 is a new vulnerability affecting the "iec61850" functionality of the AiLux imx6 bundle web application. This issue, classified as CWE-646, enables a remote authenticated attacker to upload any file type they choose, taking advantage of the application's reliance on the file name or extension supplied by the attacker. Affected versions below imx6_1.0.7-2 are at risk. This vulnerability could potentially lead to unintended execution of code or unauthorized access to sensitive information. Users are advised to upgrade to the latest version of the software to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s8NmDo
https://www.cve.org/CVERecord?id=CVE-2023-45599
https://nvd.nist.gov/vuln/detail/CVE-2023-45599

Back to Vulnerability Database

CVE-2023-45599

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations