CVE-2023-48246

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jan 10, 2024

Updated: Jan 16, 2024

CWE ID 22

Summary

CVE-2023-48246 is a serious vulnerability that enables remote attackers to download arbitrary files from all system paths under the application's OS user ("root") privileges. An attacker can exploit this issue by crafting a malicious HTTP request, potentially leading to significant data theft or unauthorized system access. The vulnerability poses a substantial risk to affected systems and requires immediate mitigation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Bosch

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tY1LIL
https://www.cve.org/CVERecord?id=CVE-2023-48246
https://nvd.nist.gov/vuln/detail/CVE-2023-48246

Back to Vulnerability Database

CVE-2023-48246

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations