Lucene search
MitreCVELIST:CVE-2023-41635HistoryAug 31, 2023 - 12:00 a.m.
CVE-2023-41635
2023-08-3100:00:00
mitre
www.cve.org
4
xml external entity
verificheperiodiche.aspx
grupposcai realgimm v1.1.37p38
filesystem
crafted xml file
vulnerability
EPSS
0.001
Percentile
36.9%
A XML External Entity (XXE) vulnerability in the VerifichePeriodiche.aspx component of GruppoSCAI RealGimm v1.1.37p38 allows attackers to read any file in the filesystem via supplying a crafted XML file.
References
github.com/CapgeminiCisRedTeam/Disclosure/blob/f7aafa9fcd4efa30071c7f77d3e9e6b14e92302b/CVE%20PoC/CVE-2023-41635%20%7C%20RealGimm%20-%20XML%20External%20Entity%20Injection.md
github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-ID%20%7C%20RealGimm%20-%20XML%20External%20Entity%20Injection.md
Related
nvd
nvd
CVE-2023-41635
2023-08-31 14:15:08
prion
prion
Xxe
2023-08-31 14:15:00
cve
cve
CVE-2023-41635
2023-08-31 14:15:08