CVE-2023-37624

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jul 26, 2023

Updated: Aug 2, 2023

CWE ID 601

Summary

CVE-2023-37624 is a newly identified vulnerability in Netdisco, an open-source network discovery tool, prior to version 2.06300. This issue involves an open redirect vulnerability, which allows an attacker to manipulate links and divert unsuspecting users to unintended websites. By crafting deceitful links, an assailant can potentially steal sensitive information, install malware, or perform other malicious activities. Users are advised to upgrade to a patched version of Netdisco to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Netdisco II

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r8c6TY
https://www.cve.org/CVERecord?id=CVE-2023-37624
https://nvd.nist.gov/vuln/detail/CVE-2023-37624

Back to Vulnerability Database

CVE-2023-37624

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations