CVE-2023-23327

CVSS 4.9 MEDIUMEPSS 0.8%CWE-200

An Information Disclosure vulnerability exists in AvantFAX 3.3.7. Backups of the AvantFAX sent/received faxes, and database backups are stored using the current date as the filename and hosted on the web server without access controls.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://avantfax.com https://github.com/superkojiman/vulnerabilities/blob/master/AvantFAX-3.3.7/README.md