CVE-2023-6308

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Nov 27, 2023
Updated: May 17, 2024
CWE ID 434

Summary

CVE-2023-6308 is a critical vulnerability affecting Xiamen Four-Faith Video Surveillance Management Systems from 2016 and 2017. The issue lies within an unspecified component using Apache Struts. This weakness enables unrestricted file uploads, allowing remote attackers to exploit the system. The vulnerability, identified as VDB-246134, has been disclosed to the public, increasing the risk of potential exploitation. Despite early notification, the vendor has not responded to the disclosure.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share