PT-2023-1509 · Controlbyweb · Control By Web X-600M
Floris Hendriks
+1
·
Published
2023-02-13
·
Updated
2023-02-22
·
CVE-2023-23551
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Control By Web X-600M (affected versions not specified)
Description
The issue is related to code injection in Lua scripts, which could allow an attacker to remotely execute arbitrary code. This is due to errors in code generation. The exploitation of this issue may enable a remote attacker to execute arbitrary code by running Lua scripts.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Control By Web X-600M