3 matches found
CVE-2023-25719
ConnectWise Control before 22.9.10032 formerly known as ScreenConnect fails to validate user-supplied parameters such as the Bin/ConnectWiseControl.Client.exe h parameter. This results in reflected data and injection of malicious code into a downloaded executable. The executable can be used to...
CVE-2023-25719
ConnectWise Control before 22.9.10032 formerly known as ScreenConnect fails to validate user-supplied parameters such as the Bin/ConnectWiseControl.Client.exe h parameter. This results in reflected data and injection of malicious code into a downloaded executable. The executable can be used to...
CVE-2023-25719
ConnectWise Control before 22.9.10032 is vulnerable due to failure to validate user-supplied parameters (notably the h parameter in Bin/ConnectWiseControl.Client.exe). This can lead to reflected data and injection of malicious code into a downloaded executable, enabling malicious queries or a den...