PT-2023-1907 · Unknown · Mxsecurity

Esj4Y · Published 2023-03-08 · Updated 2023-06-02 · CVE-2023-33235

CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

MXsecurity version 1.0

Description

The issue is a command injection vulnerability in the SSH CLI program of MXsecurity. Attackers who have gained authorization privileges can exploit it to break out of the restricted shell and execute arbitrary code. The vulnerability is associated with a lack of data sanitization on the management level, which a remote attacker can exploit to execute arbitrary commands.

Recommendations

For MXsecurity version 1.0, consider disabling the SSH CLI program until a patch is available, to prevent exploitation of the command injection vulnerability. Restrict access to the restricted shell to minimize the risk of attackers breaking out and executing arbitrary code. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Command Injection

Weakness Enumeration

Related Identifiers

BDU:2023-01515
CVE-2023-33235
ZDI-23-721

Affected Products

Mxsecurity