CVE-2023-39854 Information

Oct 10, 2023 cve

Description

The web interface of ATX Ucrypt through 3.5 allows authenticated users (or attackers using default credentials for the admin master or user account) to include files via a URL in the /hydra/view/get_cc_url url parameter. There can be resultant SSRF.

Reference

https://wiki.notveg.ninja/blog/CVE-2023-39854/ The web interface of ATX Ucrypt through 3.5 allows authenticated users (or attackers using default credentials for the admin master or user account) to include files via a URL in the /hydra/view/get_cc_url url parameter. There can be resultant SSRF.

Share on: