CVE-2023-48253
CVE-2023-48253
The vulnerability allows a remote authenticated attacker to read or update arbitrary content of the authentication database via a crafted HTTP request.
By abusing this vulnerability it is possible to exfiltrate other users’ password hashes or update them with arbitrary values and access their accounts.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Rexroth · Nexo cordless nutrunner NXA011S-36V (0608842011)Rexroth · Nexo cordless nutrunner NXA011S-36V-B (0608842012)Rexroth · Nexo cordless nutrunner NXA015S-36V (0608842001)Rexroth · Nexo cordless nutrunner NXA015S-36V-B (0608842006)Rexroth · Nexo cordless nutrunner NXA030S-36V (0608842002)Rexroth · Nexo cordless nutrunner NXA030S-36V-B (0608842007)Rexroth · Nexo cordless nutrunner NXA050S-36V (0608842003)Rexroth · Nexo cordless nutrunner NXA050S-36V-B (0608842008)Rexroth · Nexo cordless nutrunner NXA065S-36V (0608842013)Rexroth · Nexo cordless nutrunner NXA065S-36V-B (0608842014)Rexroth · Nexo cordless nutrunner NXP012QD-36V (0608842005)Rexroth · Nexo cordless nutrunner NXP012QD-36V-B (0608842010)Rexroth · Nexo cordless nutrunner NXV012T-36V (0608842015)Rexroth · Nexo cordless nutrunner NXV012T-36V-B (0608842016)Rexroth · Nexo special cordless nutrunner (0608PE2272)Rexroth · Nexo special cordless nutrunner (0608PE2301)Rexroth · Nexo special cordless nutrunner (0608PE2514)Rexroth · Nexo special cordless nutrunner (0608PE2515)Rexroth · Nexo special cordless nutrunner (0608PE2666)Rexroth · Nexo special cordless nutrunner (0608PE2673)¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →