Anton Keskisaari

Researcher fromSecond Nature Security
#16061of 53,633
16.8Total CVSS
Vulnerabilities · 2
High
2
PT-2023-32153
8.6
2023-10-19
M Files · M-Files Web Companion · CVE-2023-5523
**Name of the Vulnerable Software and Affected Versions** M-Files Web Companion versions prior to 23.10 M-Files Web Companion LTS Service Release Versions prior to 23.8 LTS SR1 **Description** The issue is related to the execution of downloaded content, which allows for Remote Code Execution. This flaw is present in M-Files Web Companion. **Recommendations** For M-Files Web Companion versions prior to 23.10, update to version 23.10 or later to resolve the issue. For M-Files Web Companion LTS Service Release Versions prior to 23.8 LTS SR1, update to 23.8 LTS SR1 or later to resolve the issue.
PT-2023-32154
8.2
2023-10-19
M Files · M-Files Web Companion · CVE-2023-5524
**Name of the Vulnerable Software and Affected Versions** M-Files Web Companion versions prior to 23.10 M-Files Web Companion LTS Service Release Versions prior to 23.8 LTS SR1 **Description** The issue is related to insufficient blacklisting in M-Files Web Companion, allowing Remote Code Execution via specific file types. **Recommendations** For M-Files Web Companion versions prior to 23.10, update to version 23.10 or later. For M-Files Web Companion LTS Service Release Versions prior to 23.8 LTS SR1, update to 23.8 LTS SR1 or later.