4 matches found
VulnCheck KEV: CVE-2023-25573
metersphere is an open source continuous testing platform. In affected versions an improper access control vulnerability exists in /api/jmeter/download/files, which allows any user to download any file without authentication. This issue may expose all files available to the running process...
CVE-2023-25573
creationtimestamp| type| source ---|---|--- 2023-03-09 20:20:22+00:00| seen| https://t.me/cibsecurity/59737 2023-10-04 03:32:51+00:00| published-proof-of-concept| https://t.me/codeb0ss/1212 2026-04-28 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2026-04-28...
CVE-2023-25573 Improper access control to download file in metersphere
metersphere is an open source continuous testing platform. In affected versions an improper access control vulnerability exists in /api/jmeter/download/files, which allows any user to download any file without authentication. This issue may expose all files available to the running process. This...
CVE-2023-25573 Improper access control to download file in metersphere
metersphere is an open source continuous testing platform. In affected versions an improper access control vulnerability exists in /api/jmeter/download/files, which allows any user to download any file without authentication. This issue may expose all files available to the running process. This...