Multisuns Easylog Web vulnerabilities
3 known vulnerabilities affecting multisuns/easylog_web.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1
Vulnerabilities
Page 1 of 1
CVE-2023-48390P2CRITICALCVSS 9.8v1.13.2.82023-12-15
CVE-2023-48390 [CRITICAL] CWE-94 CVE-2023-48390: Multisuns EasyLog web+ has a code injection vulnerability. An unauthenticated remote attacker can ex
Multisuns EasyLog web+ has a code injection vulnerability. An unauthenticated remote attacker can exploit this vulnerability to inject code and access the system to perform arbitrary system operations or disrupt service.
nvd
CVE-2023-48388P2CRITICALCVSS 9.8v1.13.2.82023-12-15
CVE-2023-48388 [CRITICAL] CWE-798 CVE-2023-48388: Multisuns EasyLog web+ has a vulnerability of using hard-coded credentials. An remote attacker can e
Multisuns EasyLog web+ has a vulnerability of using hard-coded credentials. An remote attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service.
nvd
CVE-2023-48389P3HIGHCVSS 7.5v1.13.2.82023-12-15
CVE-2023-48389 [HIGH] CWE-22 CVE-2023-48389: Multisuns EasyLog web+ has a path traversal vulnerability within its parameter in a specific URL. An
Multisuns EasyLog web+ has a path traversal vulnerability within its parameter in a specific URL. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files.
nvd