An authentication bypass vulnerability in the web client interface for the CL4NX printer before firmware version 1.13.3-u724_r2 provides remote unauthenticated attackers with access to execute commands intended only for valid/authenticated users, such as file uploads and configuration changes.
References
Link | Resource |
---|---|
https://d2n1rly8br52rx.cloudfront.net/content-blocks/files/pages/Vulnerability-Disclosure.pdf | Vendor Advisory |
https://hackandpwn.com/disclosures/CVE-2023-23594.pdf | Third Party Advisory |
https://www.satoamerica.com/products/printers/industrial-thermal-printers/cl4nx-plus | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-03-31T00:00:00
Updated: 2023-04-04T00:00:00
Reserved: 2023-01-15T00:00:00
Link: CVE-2023-23594
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-03-31T19:15:07.187
Modified: 2023-04-11T06:06:28.287
Link: CVE-2023-23594
JSON object: View
Redhat Information
No data.
CWE