CVE-2023-7026

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Dec 21, 2023

Updated: May 17, 2024

CWE ID 434

Summary

CVE-2023-7026 is a newly disclosed vulnerability affecting Lightxun IPTV Gateway versions up to 20231208. This issue has been classified as problematic and involves the processing of the file /ZHGXTV/index.php/admin/index/web_upload_template.html. An attacker can manipulate an argument in this file, resulting in unrestricted upload capabilities. The attack can be initiated remotely, making it a significant security concern. The exploit for this vulnerability (VDB-248579) has been made public, increasing the risk of potential exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Lightxun IPTV Gateway

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/t3s6GX
https://www.cve.org/CVERecord?id=CVE-2023-7026
https://nvd.nist.gov/vuln/detail/CVE-2023-7026

Back to Vulnerability Database

CVE-2023-7026

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations