CVE-2023-43744 | Zultys MX-SE/MX-SE II/MX-E/MX-Virtual/MX250/MX30 prior 16.04 Patch 16109/17.0.10 Patch 17161 Patch Application file os command injection (ATREDIS-2023-0002)

Inserito da Angelo Barbosa | Dic 8, 2023 | CVE

A vulnerability was found in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250 and MX30. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Patch Application Handler. The manipulation of the argument file leads to os command injection.

This vulnerability is known as CVE-2023-43744. The attack needs to be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-43744 | Zultys MX-SE/MX-SE II/MX-E/MX-Virtual/MX250/MX30 prior 16.04 Patch 16109/17.0.10 Patch 17161 Patch Application file os command injection (ATREDIS-2023-0002)

Post correlati

CVE-2024-43352 | Organic Themes GivingPress Lite Plugin up to 1.8.6 on WordPress cross site scripting

CVE-2023-6899 | rmountjoy92 DashMachine 0.5-4 Config /settings/save_config value_template code injection

CVE-2024-30292 | Adobe Framemaker up to 2020.5/2022.3 out-of-bounds write (apsb24-37)

CVE-2023-42748 | Unisoc S8000 Telecom Service permission