A vulnerability was found in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250 and MX30. It has been classified as critical. Affected is an unknown function of the file /newapi/ of the component Web Interface. The manipulation of the argument filter leads to sql injection.
This vulnerability is traded as CVE-2023-43743. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.