CVE-2023-26511 — CRITICAL (9.8)

Vulnerability Description

A Hard Coded Admin Credentials issue in the Web-UI Admin Panel in Propius MachineSelector 6.6.0 and 6.6.1 allows remote attackers to gain access to the admin panel Propiusadmin.php, which allows taking control of the affected system.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Propius	Machineselector	6.6.0

Related Weaknesses (CWE)

CWE-798

References

https://www.propius.de/ms_security.htmlVendor Advisory
https://www.propius.de/ms_security.htmlVendor Advisory

FAQ

What is CVE-2023-26511?

CVE-2023-26511 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A Hard Coded Admin Credentials issue in the Web-UI Admin Panel in Propius MachineSelector 6.6.0 and 6.6.1 allows remote attackers to gain access to the admin panel Propiusadmin.php, which allows takin...

How severe is CVE-2023-26511?

CVE-2023-26511 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2023-26511?

Check the references section above for vendor advisories and patch information. Affected products include: Propius Machineselector.