CVE-2023-43743 | Zultys MX-SE/MX-SE II/MX-E/MX-Virtual/MX250/MX30 prior 16.04 Patch 16109/17.0.10 Patch 17161 Web Interface /newapi/ filter sql injection (ATREDIS-2023-0002)

Posted by Angelo Barbosa | Dec 8, 2023 | CVE

A vulnerability was found in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250 and MX30. It has been classified as critical. Affected is an unknown function of the file /newapi/ of the component Web Interface. The manipulation of the argument filter leads to sql injection.

This vulnerability is traded as CVE-2023-43743. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-43743 | Zultys MX-SE/MX-SE II/MX-E/MX-Virtual/MX250/MX30 prior 16.04 Patch 16109/17.0.10 Patch 17161 Web Interface /newapi/ filter sql injection (ATREDIS-2023-0002)

Related Posts

CVE-2023-49967 | Typecho 1.2.1 /index.php/action/xmlrpc resource consumption (Issue 1648)

CVE-2023-48737 | PT Trijaya Digital Grup TriPay Payment Gateway Plugin up to 3.2.7 on WordPress cross site scripting

CVE-2024-21497 | greenpau caddy-security redirect_url (Issue 268)

CVE-2024-20279 | Cisco Application Policy Infrastructure Controller (APIC) Restricted Security Domain access control (cisco-sa-apic-cousmo-uBpBYGbq)