Headline
CVE-2023-26511: Propius GmbH
A Hard Coded Admin Credentials issue in the Web-UI Admin Panel in Propius MachineSelector 6.6.0 and 6.6.1 allows remote attackers to gain access to the admin panel Propiusadmin.php, which allows taking control of the affected system.
MachineSelector security notes and vulnerability
Version
CVE-ID
Impact
Temporary Fix
Remediation
6.6.0, 6.6.1
CVE-2023-26511
Propius Machine Selector from 6.6.0 to 6.6.1. Affected versions contain a Propiusadmin.php file which allows a remote attacker with knowledge of the hardcoded password to gain access to the admin panel. A remote attacker can use the hardcoded credentials to fully take control over the vulnerable system via the exposed admin panel.
Delete “Propiusadmin.php” file
Update to newest Version, at least V6.6.2
- Back
- Report issue