CVE-2023-45312

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 10, 2023

Updated: Nov 7, 2023

CWE ID 1188

Summary

CVE-2023-45312 is a vulnerability affecting the mtproto_proxy component, specifically versions 0.7.2 and below for Erlang. A remote, low-privileged attacker can exploit this issue to gain unauthorized access to an improperly secured default installation. Once accessed, the attacker is granted remote command execution abilities. This vulnerability poses a significant risk to systems running the affected version of mtproto_proxy and requires immediate attention for patching or mitigation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MTProto

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s6XV9Q
https://www.cve.org/CVERecord?id=CVE-2023-45312
https://nvd.nist.gov/vuln/detail/CVE-2023-45312

Back to Vulnerability Database

CVE-2023-45312

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations