cbcvebase.
CVE-2023-5457
published 2024-03-05

CVE-2023-5457: A CWE-1269 “Product Released in Non-Release Configuration” vulnerability in the Django web framework used by the web application (due to the “debug”…

PriorityP359critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.64%
46.3th percentile
A CWE-1269 “Product Released in Non-Release Configuration” vulnerability in the Django web framework used by the web application (due to the “debug” configuration parameter set to “True”) allows a remote unauthenticated attacker to access critical information and have other unspecified impacts to the confidentiality, integrity, and availability of the application. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.

Affected

2 ranges
VendorProductVersion rangeFixed in
ailuximx6< 1.0.7-21.0.7-2
ailuximx6_bundle< 1.0.7-21.0.7-2
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.