CVE-2023-45599 Information

Description

A CWE-646 “Reliance on File Name or Extension of Externally-Supplied File” vulnerability in the “iec61850” functionality of the web application allows a remote authenticated attacker to upload any arbitrary type of file into the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.

Reference

https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-45599