CVE-2023-37781

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jul 17, 2023

Updated: Jul 28, 2023

CWE ID 22

Summary

CVE-2023-37781 is a vulnerability affecting the emqx_sn plugin in EMQX version 4.3.8. An attacker can exploit this issue by uploading a specially crafted .txt file, which enables directory traversal and potentially grants unauthorized access to sensitive data or system functions. This vulnerability poses a risk for information disclosure and further exploitation, making it essential for organizations using EMQX v4.3.8 to apply the appropriate patch or update.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r8c6SZ
https://www.cve.org/CVERecord?id=CVE-2023-37781
https://nvd.nist.gov/vuln/detail/CVE-2023-37781

Back to Vulnerability Database

CVE-2023-37781

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations