CVE-2023-45595

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Mar 5, 2024

CWE ID 434

Summary

CVE-2023-45595: A vulnerability has been identified in the "file_configuration" functionality of the AiLux imx6 bundle web application. This issue, classified as CWE-434 "Unrestricted Upload of File with Dangerous Type," enables a remote authenticated attacker to upload any arbitrary file type into the affected device. Versions below imx6_1.0.7-2 are susceptible to this vulnerability, putting these systems at risk for potential security breaches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s8NmD5
https://www.cve.org/CVERecord?id=CVE-2023-45595
https://nvd.nist.gov/vuln/detail/CVE-2023-45595

Back to Vulnerability Database

CVE-2023-45595

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations