CVE-2023-39983

Name of the Vulnerable Software and Affected Versions MXsecurity versions prior to v1.0.1

Description A vulnerability has been identified that poses a potential risk of polluting the MXsecurity sqlite database and the nsm-web UI. This issue might allow an unauthenticated remote attacker to register or add devices via the nsm-web application. The vulnerability is related to insufficient control of modification of dynamically defined object characteristics.

Recommendations For MXsecurity versions prior to v1.0.1, update to version v1.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the nsm-web application to minimize the risk of exploitation. Avoid using the nsm-web UI to register or add devices until the issue is resolved.