CVE-2023-6899 | rmountjoy92 DashMachine 0.5-4 Config /settings/save_config value_template code injection

Posted by Angelo Barbosa | Dec 16, 2023 | CVE

A vulnerability classified as problematic was found in rmountjoy92 DashMachine 0.5-4. Affected by this vulnerability is an unknown functionality of the file /settings/save_config of the component Config Handler. The manipulation of the argument value_template leads to code injection.

This vulnerability is known as CVE-2023-6899. The attack can only be initiated within the local network. Furthermore, there is an exploit available.

CVE-2023-6899 | rmountjoy92 DashMachine 0.5-4 Config /settings/save_config value_template code injection

Related Posts

CVE-2024-35820 | Linux Kernel up to 6.7.11/6.8.2 io_uring __io_queue_proc Privilege Escalation (51a490a7f63c/0ecb8919469e/1a8ec63b2b6c)

CVE-2023-50269 | Squid Web Proxy up to 2.7.STABLE9/5.9/6.5 HTTP Request Parser X-Forwarded-For recursion

CVE-2024-32815 | Jeroen Peters All-in-one Like Widget Plugin up to 2.2.7 on WordPress cross site scripting

CVE-2023-50868 | Unbound up to 1.19.0 NSEC3 RRSET Response denial of service