PT-2023-1633 · Unknown · Mxsecurity

Esj4Y · Published 2023-03-08 · Updated 2023-06-02 · CVE-2023-33236

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

MXsecurity version 1.0

Description

The issue is related to hardcoded credentials in MXsecurity, which can be exploited to craft arbitrary JWT tokens and bypass authentication for web-based APIs. This allows a remote attacker to elevate their privileges.

Recommendations

For MXsecurity version 1.0, consider disabling the use of hardcoded credentials and JWT token generation until a patch is available. Restrict access to web-based APIs to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Using Hardcoded Credentials

Weakness Enumeration

Related Identifiers

BDU:2023-01149
CVE-2023-33236
ZDI-23-720

Affected Products

Mxsecurity