CVE-2023-2105
Published 2023-04-15
CVE-2023-2105: Session Fixation in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
Priority: P3 · CVSS 3.1: 8.8 (high)
Vector: AV:N / AC:L / PR:N / UI:R / S:U / C:H / I:H / A:H
EPSS: 0.67% (47.2th percentile)
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| alextselegidis | alextselegidis_easyappointments | < 1.5.0 (no lower bound given) | 1.5.0 |
| alextselegidis | easyappointments | 0 – 1.4.3 | — |
| easyappointments | easyappointments | < 1.5.0 | 1.5.0 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector / note |
|---|---|---|---|---|
| nvd | 3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | 3.0 | 5.4 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |
| cisa | — | 8.8 | HIGH | matches the CISA KEV entry indexed below, which concerns CVE-2023-52163 (Digiever DS-2105 Pro), not this CVE |
| vendor_redhat | — | 7.1 | HIGH | matches the Red Hat entry indexed below, which concerns CVE-2023-52794 (Linux kernel), not this CVE |
Only the two NVD rows score CVE-2023-2105 itself; note that NVD's v3.1 rescoring (C:H/I:H/A:H) is considerably higher than its v3.0 score and than the MEDIUM rating in the GHSA and OSV entries below.
GHSA
ghsa · 2023-04-15 · CVE-2023-2105 [MEDIUM] · CWE-384
alextselegidis/easyappointments Session Fixation vulnerability
alextselegidis/easyappointments is vulnerable to session fixation. The application does not generate a new `ea_session` cookie after the user authenticates. A malicious user may obtain or create a session cookie value and inject it into a victim's browser. After the victim logs in, the injected cookie becomes valid, giving the attacker access to the user's account through the active session. If an attacker conducts this attack against an admin user, the attacker may escalate their privileges without the admin user being aware.
This issue is patched in commit 7f37350fab9d729a9350d96369ff0f453cf7b840 and anticipated to be part of version 1.5.0. A quick check for the fix on a deployed instance: capture the `ea_session` value before submitting the login form and again from the response that completes authentication; a patched instance issues a different value.
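The following is an added illustration, not easyappointments code and not the contents of the fix commit: a toy server-side session store modelled in Python (the project itself is PHP) that reproduces the attack the advisory describes and the CWE-384 fix pattern side by side. The cookie name `ea_session` is the advisory's; the user names, passwords, class and function names are constructed for the example, and the channel by which the attacker plants the cookie in the victim's browser is deliberately not modelled, since the advisory does not specify one.

```python
from __future__ import annotations
import secrets
from dataclasses import dataclass
from typing import Optional

COOKIE = "ea_session"  # cookie name named in the advisory


@dataclass
class Session:
    user: Optional[str] = None
    role: Optional[str] = None


class AppointmentsApp:
    """Toy session handling. regenerate_on_login=False mirrors the pre-1.5.0
    behaviour the advisory describes (same id before and after login);
    True applies the standard session-fixation fix (rotate the id at login)."""

    # Constructed credential store for the example; not real application users.
    USERS = {"admin": ("correct-horse", "admin"), "alice": ("battery-staple", "provider")}

    def __init__(self, regenerate_on_login: bool):
        self.regenerate_on_login = regenerate_on_login
        self.sessions: dict[str, Session] = {}

    def start_session(self, cookies: dict[str, str]) -> str:
        """Return the session id for a request, issuing a fresh anonymous one
        when the presented cookie is missing or unknown."""
        sid = cookies.get(COOKIE)
        if sid is None or sid not in self.sessions:
            sid = secrets.token_hex(16)
            self.sessions[sid] = Session()
        return sid

    def login(self, cookies: dict[str, str], username: str, password: str) -> dict[str, str]:
        """Authenticate and return the Set-Cookie the client must adopt afterwards."""
        sid = self.start_session(cookies)
        creds = self.USERS.get(username)
        if creds is None or not secrets.compare_digest(creds[0], password):
            return {COOKIE: sid}  # failed login: the anonymous session stays anonymous
        if self.regenerate_on_login:
            # Fix: retire the pre-authentication id before binding an identity to the
            # session, so an id anyone could have learned before login never becomes
            # an authenticated one.
            self.sessions.pop(sid)
            sid = secrets.token_hex(16)
            self.sessions[sid] = Session()
        sess = self.sessions[sid]
        sess.user, sess.role = username, creds[1]
        return {COOKIE: sid}

    def whoami(self, cookies: dict[str, str]) -> Optional[str]:
        sess = self.sessions.get(cookies.get(COOKIE, ""))
        return sess.user if sess else None


def run_fixation_attack(app: AppointmentsApp) -> dict:
    """Play the advisory's scenario against `app` and report what each party ends up with."""
    # 1. The attacker obtains a valid anonymous session id from the server.
    attacker_sid = app.start_session({})
    # 2. The attacker plants that value as the victim's ea_session cookie.
    victim_cookies = {COOKIE: attacker_sid}
    # 3. The victim, an admin, logs in while carrying the planted cookie.
    set_cookie = app.login(victim_cookies, "admin", "correct-horse")
    # 4. The attacker presents the id they planted.
    return {
        "cookie_rotated_at_login": set_cookie[COOKIE] != attacker_sid,
        "attacker_is": app.whoami({COOKIE: attacker_sid}),
        "victim_is": app.whoami(set_cookie),
    }


if __name__ == "__main__":
    print("vulnerable:", run_fixation_attack(AppointmentsApp(regenerate_on_login=False)))
    print("fixed:     ", run_fixation_attack(AppointmentsApp(regenerate_on_login=True)))
```

In the vulnerable configuration the attacker's planted id is reported as `admin` after the victim logs in; in the fixed configuration the victim receives a new id and the planted one stays anonymous. The same property is what the before/after `ea_session` comparison above checks on a live instance.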
OSV
osv · 2023-04-15 · CVE-2023-2105 [MEDIUM]
alextselegidis/easyappointments Session Fixation vulnerability
Same advisory text as the GHSA entry above: no new `ea_session` cookie after authentication; patched in commit 7f37350fab9d729a9350d96369ff0f453cf7b840, anticipated in version 1.5.0.
CISA (unrelated entry: concerns CVE-2023-52163, Digiever DS-2105 Pro, not CVE-2023-2105 or easyappointments)
cisa · 2025-12-22 · CVSS 8.8 · CVE-2023-52163 [HIGH] · CWE-862
Digiever DS-2105 Pro Missing Authorization Vulnerability
Affected: Digiever DS-2105 Pro
Digiever DS-2105 Pro contains a missing authorization vulnerability which could allow for command injection via time_tzsetup.cgi.
Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Notes: https://www.digiever.com/tw/support/faq-content.php?FAQ=217 ; https://nvd.nist.gov/vuln/detail/CVE-2023-52163
Remediation Due Date: 2026-01-12
Red Hat (unrelated entry: concerns CVE-2023-52794, Linux kernel, not CVE-2023-2105; the "2105" in the KASAN trace below is the PID of the `cat` task)
vendor_redhat · 2024-05-21 · CVSS 7.1 · CVE-2023-52794 [HIGH] · CWE-20
kernel: thermal: intel: powerclamp: fix mismatch in get function for max_idle
In the Linux kernel, the following vulnerability has been resolved:
thermal: intel: powerclamp: fix mismatch in get function for max_idle
KASAN reported this
[ 444.853098] BUG: KASAN: global-out-of-bounds in param_get_int+0x77/0x90
[ 444.853111] Read of size 4 at addr ffffffffc16c9220 by task cat/2105
...
[ 444.853442] The buggy address belongs to the variable:
[ 444.853443] max_idle+0x0/0xffffffffffffcde0 [intel_powerclamp]
There is a mismatch between the param_get_int and the definition of
max_idle. Replacing param_get_int with param_get_byte resolves this
issue.
Package: kernel (Red Hat Enterprise Linux 6) - Not affected
Package: kernel (Red Hat Enterprise Linux 7) - Not affected
Package: kernel-rt (Red Ha
Suricata (unrelated entry: detection rule for CVE-2023-52163, Digiever DS-2105 Pro, not CVE-2023-2105)
suricata · 2025-05-06 · CVSS 8.8 · CVE-2023-52163 [HIGH]
ET WEB_SPECIFIC_APPS DigiEver DS-2105 Pro time_tzsetup.cgi ntp Parameter Command Injection Attempt (CVE-2023-52163)
Rule: alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS DigiEver DS-2105 Pro time_tzsetup.cgi ntp Parameter Command Injection Attempt (CVE-2023-52163)"; flow:established,to_server; http.method; content:"POST"; http.uri; bsize:21; content:"/cgi-bin/cgi_main.cgi"; http.request_body; content:"cgiName|3d|time_tzsetup.cgi"; fast_pattern; content:"ntp|3d|"; pcre:"/^[^\x26]*?(?:(?:\x3b|%3[Bb])|(?:\x0a|%0[Aa])|(?:\x60|%60)|(?:\x7c|%7[Cc])|(?:\x24|%24))+/R"; reference:cve,2023-52163; reference:url,www.akamai.com/blog/security-research/digiever-fix-that-iot-thing; classtype:attempted-admin; sid:2062137; rev:1; metadata:affected_product DigiEver, attack_target IoT, tls_sta
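The rule above is cut off on the page after `metadata:`, but its matching logic is complete: POST, an exact 21-byte URI, the `cgiName=time_tzsetup.cgi` and `ntp=` body contents, and a relative PCRE that looks for a shell metacharacter (raw or percent-encoded) in the `ntp` value before the next `&`. As an added example, not part of the Emerging Threats rule or of Suricata, here is that logic re-expressed in Python and run over constructed request bodies, which is a quick way to sanity-check what a rule will and will not fire on before deploying it. The `/R` (relative) modifier is modelled by matching from the byte after each `ntp=` occurrence; `HttpRequest`, `SAMPLES` and the function name are this example's own.

```python
from __future__ import annotations
import re
from dataclasses import dataclass

# Literal match fragments from sid 2062137 as indexed above.
RULE_URI = "/cgi-bin/cgi_main.cgi"        # http.uri; bsize:21 + content => exact URI
RULE_CGI = b"cgiName=time_tzsetup.cgi"    # content:"cgiName|3d|time_tzsetup.cgi" (case-sensitive)
RULE_PARAM = b"ntp="                      # content:"ntp|3d|"
# The rule's pcre body without its leading ^: Pattern.match(buf, pos) already anchors at pos,
# which is how the /R modifier behaves in Suricata (match starts right after "ntp=").
RULE_PCRE = re.compile(
    rb"[^\x26]*?(?:(?:\x3b|%3[Bb])|(?:\x0a|%0[Aa])|(?:\x60|%60)|(?:\x7c|%7[Cc])|(?:\x24|%24))+"
)


@dataclass
class HttpRequest:
    method: str
    uri: str
    body: bytes


def et_2062137_matches(req: HttpRequest) -> bool:
    """True if the request satisfies every match condition of the indexed rule."""
    if req.method != "POST":
        return False
    if req.uri != RULE_URI:
        return False
    if RULE_CGI not in req.body:
        return False
    # Suricata can retry a content match at later occurrences when a following
    # relative match fails, so every "ntp=" in the body is tried.
    start = 0
    while (idx := req.body.find(RULE_PARAM, start)) != -1:
        if RULE_PCRE.match(req.body, idx + len(RULE_PARAM)):
            return True
        start = idx + 1
    return False


# Constructed sample requests (not captured traffic).
SAMPLES = [
    # benign: hostname only, no metacharacter before the next "&"
    HttpRequest("POST", RULE_URI, b"cgiName=time_tzsetup.cgi&ntp=pool.ntp.org&tz=UTC"),
    # raw ";" injected into the ntp value
    HttpRequest("POST", RULE_URI, b"cgiName=time_tzsetup.cgi&ntp=pool.ntp.org;id&tz=UTC"),
    # same injection, percent-encoded
    HttpRequest("POST", RULE_URI, b"cgiName=time_tzsetup.cgi&ntp=pool.ntp.org%3Bid"),
    # "$" for command substitution
    HttpRequest("POST", RULE_URI, b"cgiName=time_tzsetup.cgi&ntp=$(id)"),
    # injection present but wrong CGI endpoint: rule does not fire
    HttpRequest("POST", "/cgi-bin/other.cgi", b"cgiName=time_tzsetup.cgi&ntp=x;id"),
    # injection present but not a POST: rule does not fire
    HttpRequest("GET", RULE_URI, b"cgiName=time_tzsetup.cgi&ntp=x;id"),
]


def classify(samples: list[HttpRequest]) -> list[bool]:
    return [et_2062137_matches(r) for r in samples]


if __name__ == "__main__":
    for req, hit in zip(SAMPLES, classify(SAMPLES)):
        print("ALERT " if hit else "pass  ", req.method, req.uri, req.body)
```

The last two samples show the rule's scope: it keys on the exact endpoint and method, so a request that reaches the same CGI through a different path or verb would need a separate rule.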
Nuclei (unrelated entry: template for CVE-2023-52163, Digiever DS-2105 Pro, not CVE-2023-2105)
nuclei · CVSS 8.8 · CVE-2023-52163 [HIGH]
Digiever DS-2105 Pro - Command Injection
Digiever DS-2105 Pro 3.1.0.71-11 contains a command injection caused by unsanitized input in time_tzsetup.cgi, letting attackers execute arbitrary commands remotely; the exploit requires no authentication.
Template (only the `info` block is indexed here; the request section is not on the page):

```yaml
id: CVE-2023-52163

info:
  name: Digiever DS-2105 Pro - Command Injection
  author: rajesh-social-tech
  severity: high
  description: |
    Digiever DS-2105 Pro 3.1.0.71-11 contains a command injection caused by unsanitized input in time_tzsetup.cgi, letting attackers execute arbitrary commands remotely, exploit requires no authentication.
  impact: |
    Remote attackers can execute arbitrary commands on the device, potentially leading to full device compromise.
  remediation: |
    Update to a supported version or contact the vendor for security patches.
```
References
No writeups or analysis indexed.
- https://github.com/alextselegidis/easyappointments/commit/7f37350fab9d729a9350d96369ff0f453cf7b840
- https://huntr.dev/bounties/de213e0b-a227-4fc3-bbe7-0b33fbf308e1
Published: 2023-04-15