CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-4591

A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion (LFI) via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the loading of a PHP file on the server, leading to a critical webshell exploit.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.0%

CVSS Severity

CVSS v3 Score 7.5

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-wpn-xm-serverstack
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-wpn-xm-serverstack

Products affected by CVE-2023-4591

Wpn-Xm » Wpn-Xm » Version: 0.8.6

cpe:2.3:a:wpn-xm:wpn-xm:0.8.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-4591

Products

Pricing

Contact Us