James Sebree

**Name of the Vulnerable Software and Affected Versions** MXsecurity versions prior to v1.0.1 **Description** A vulnerability has been identified that poses a potential risk of polluting the MXsecurity sqlite database and the nsm-web UI. This issue might allow an unauthenticated remote attacker to register or add devices via the nsm-web application. The vulnerability is related to insufficient control of modification of dynamically defined object characteristics. **Recommendations** For MXsecurity versions prior to v1.0.1, update to version v1.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the nsm-web application to minimize the risk of exploitation. Avoid using the nsm-web UI to register or add devices until the issue is resolved.