CVE-2023-5935

Name of the Vulnerable Software and Affected Versions Arc (affected versions not specified)

Description The local web interface provided during the configuration of Arc lacks authentication, making it vulnerable to abuse by local attackers or malware. This could allow a malicious local user or process to extract sensitive information, change Arc's configuration, or potentially lead to arbitrary code execution if a malicious update package is installed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.