Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-27583

Published: 13/03/2023 Updated: 07/11/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

PanIndex is a network disk directory index. In Panindex prior to version 3.1.3, a hard-coded JWT key `PanIndex` is used. An attacker can use the hard-coded JWT key to sign JWT token and perform any actions as a user with admin privileges. Version 3.1.3 has a patch for the issue. As a workaround, one may change the JWT key in the source code before compiling the project.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

panindex project panindex

References

CWE-798https://github.com/px-org/PanIndex/releases/tag/v3.1.3https://github.com/px-org/PanIndex/security/advisories/GHSA-82wq-gmw8-g87vhttps://github.com/px-org/PanIndex/commit/f7ec0c5739af055ad3a825a20294a5c01ada3302https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalationCVE-2024-20696CVE-2024-29829CVE-2024-33999CVE-2024-35646physicalCVE-2024-24919CVE-2024-31030local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook