CVE-2023-6577

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Dec 7, 2023
Updated: Mar 21, 2024
CWE ID 22

Summary

CVE-2023-6577 is a vulnerability found in Beijing Baichuo PatrolFlow 2530Pro up to 20231126. It involves a path traversal issue in the file /log/mailsendview.php, which can be manipulated through the argument file in /boot/phpConfig/tb_admin.txt. This vulnerability can be exploited remotely, and its exploit has been publicly disclosed. The vendor was notified but did not respond. The vulnerability has a CVSS score of 4.0, indicating a medium severity level, with low privileges required and low user interaction. Its impact is rated as low on confidentiality and none on integrity and availability.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-6577 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options