CVE-2023-6899 | rmountjoy92 DashMachine 0.5-4 Config /settings/save_config value_template code injection

Posted by Angelo Barbosa | Dec 16, 2023 | CVE

A vulnerability classified as problematic was found in rmountjoy92 DashMachine 0.5-4. Affected by this vulnerability is an unknown functionality of the file /settings/save_config of the component Config Handler. The manipulation of the argument value_template leads to code injection.

This vulnerability is known as CVE-2023-6899. The attack can only be initiated within the local network. Furthermore, there is an exploit available.

CVE-2023-6899 | rmountjoy92 DashMachine 0.5-4 Config /settings/save_config value_template code injection

Related Posts

CVE-2024-39775 | OpenHarmony up to 4.1.0 out-of-bounds

CVE-2024-7636 | code-projects Simple Ticket Booking 1.0 Login authenticate.php email/password sql injection

CVE-2022-48933 | Linux Kernel up to 5.4.181/5.10.102/5.15.25/5.16.11 nf_tables kfree memory leak

CVE-2024-27243 | Zoom Workplace Desktop App buffer overflow (ZSB-24014)