CVE-2023-45596

Name of the Vulnerable Software and Affected Versions AiLux imx6 bundle versions prior to imx6 1.0.7-2

Description A vulnerability in the file configuration functionality of the web application allows a remote unauthenticated attacker to access confidential configuration files. The issue is related to direct request or missing authorization, enabling access to sensitive information.

Recommendations For versions prior to imx6 1.0.7-2, update to version imx6 1.0.7-2 or later to resolve the issue. As a temporary workaround, consider restricting access to the file configuration functionality to minimize the risk of exploitation.