Vulnerability Description
An authentication bypass vulnerability in the web client interface for the CL4NX printer before firmware version 1.13.3-u724_r2 provides remote unauthenticated attackers with access to execute commands intended only for valid/authenticated users, such as file uploads and configuration changes.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sato-Global | Cl4Nx Plus Firmware | < 1.13.3-u724_r2 |
| Sato-Global | Cl4Nx Plus | - |
Related Weaknesses (CWE)
References
- https://d2n1rly8br52rx.cloudfront.net/content-blocks/files/pages/Vulnerability-D (Vendor Advisory)
- https://hackandpwn.com/disclosures/CVE-2023-23594.pdf (Third Party Advisory)
- https://www.satoamerica.com/products/printers/industrial-thermal-printers/cl4nx- (Product)
FAQ
What is CVE-2023-23594?
CVE-2023-23594 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An authentication bypass vulnerability in the web client interface for the CL4NX printer before firmware version 1.13.3-u724_r2 provides remote unauthenticated attackers with access to execute command...
How severe is CVE-2023-23594?
CVE-2023-23594 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-23594?
Check the references section above for vendor advisories and patch information. Affected products include: Sato-Global Cl4Nx Plus Firmware, Sato-Global Cl4Nx Plus.