CVE-2023-37049

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jul 26, 2023

Updated: Jul 31, 2023

CWE ID 862

Summary

CVE-2023-37049 is a newly discovered vulnerability affecting emlog version 2.1.9. This issue allows an attacker to execute arbitrary file deletion operations through the admin\template.php file. Successful exploitation could result in significant data loss or system compromise. It is crucial for emlog users to update their software to a patched version as soon as possible to mitigate this risk. Failure to do so may leave systems open to potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Emlog

Affected Vendors

EM Log

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rz8Y_b
https://www.cve.org/CVERecord?id=CVE-2023-37049
https://nvd.nist.gov/vuln/detail/CVE-2023-37049

Back to Vulnerability Database