2 matches found
CVE-2023-38557
A vulnerability has been identified in Spectrum Power 7 All versions V23Q3. The affected product assigns improper access rights to the update script. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...
CVE-2023-38557
Spectrum Power 7 (all versions before V23Q3) is affected by CVE-2023-38557 due to incorrect permission assignment for the update script, enabling an authenticated local attacker to inject arbitrary code and escalate privileges. The vulnerability is tied to Spectrum Power 7 before the V23Q3 update...