CVE-2023-37230

Name of the Vulnerable Software and Affected Versions Loftware Spectrum versions prior to 5.1

Description The issue allows Server-Side Request Forgery (SSRF), which is a type of attack where an attacker can trick a server into making requests to internal or external resources. This can potentially lead to unauthorized access to sensitive data or systems. The testDeviceConnection function is affected.

Recommendations For versions prior to 5.1, consider disabling the testDeviceConnection function until a patch is available. Update to version 5.1 or later to resolve the issue.