Headline

CVE-2023-6012: Incorrect input data validation in Lanaccess ONSAFE MonitorHM Web Console

An improper input validation vulnerability has been found in Lanaccess ONSAFE MonitorHM affecting version 3.7.0. This vulnerability could lead a remote attacker to exploit the checkbox element and perform remote code execution, compromising the entire infrastructure.

1 year ago

CVE

Open in Source

#vulnerability #web #rce

Affected Resources

Lanaccess ONSAFE MonitorHM, version 3.7.0.

Description

INCIBE has coordinated the publication of 1 vulnerabilitiy that affects Lanaccess ONSAFE MonitorHM 3.7.0, which have been discovered by Petar Alexandrov Nikolov.

This vulnerabilitiy has been assigned the following code, CVSS v3.1 base score, CVSS vector string, and CWE vulnerability type:

CVE-2023-6012: CVSS v3.1: 8.3 | CVSS: AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L | CWE-20.

Solution

There is no reported solution at this time.

Detail

CVE-2023-6012: an improper input validation vulnerability has been found in Lanaccess ONSAFE MonitorHM affecting version 3.7.0. This vulnerability could lead a remote attacker to exploit the checkbox element and perform remote code execution, compromising the entire infrastructure.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

1 year ago

1 year ago

1 year ago

1 year ago

1 year ago