Vulnerability Details CVE-2023-45599
A CWE-646 “Reliance on File Name or Extension of Externally-Supplied File” vulnerability in the “iec61850” functionality of the web application allows a remote authenticated attacker to upload any arbitrary type of file into the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.6%
CVSS Severity
CVSS v3 Score 5.5
References