Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.1
CVSSv3

CVE-2023-3256

Published: 22/06/2023 Updated: 28/06/2023
CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Advantech

Vulnerability Summary

This vulnerability allows remote malicious users to escalate privileges on affected installations of Advantech R-SeeNet. Authentication is required to exploit this vulnerability. The specific flaw exists within the device_status page. The issue results from the lack of proper validation of user-supplied data prior to passing it to a PHP include function. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

advantech r-seenet

References

CWE-610https://www.cisa.gov/news-events/ics-advisories/icsa-23-173-02https://nvd.nist.govhttps://www.zerodayinitiative.com/advisories/ZDI-23-1157/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700CVE-2022-48689CVE-2024-27956CVE-2023-6363SQLNULL pointer dereferenceCVE-2023-41830CVE-2015-2051arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook