3 matches found
CVE-2023-52252
Unified Remote 3.13.0 allows remote attackers to execute arbitrary Lua code because of a wildcarded Access-Control-Allow-Origin for the Remote upload endpoint...
CVE-2023-52252
Unified Remote 3.13.0 allows remote attackers to execute arbitrary Lua code because of a wildcarded Access-Control-Allow-Origin for the Remote upload endpoint...
CVE-2023-52252
CVE-2023-52252 affects Unified Remote 3.13.0. The root cause is a wildcarded Access-Control-Allow-Origin header on the Remote upload endpoint, enabling remote attackers to execute arbitrary Lua code. The impact reported is remote code execution with high confidentiality/integrity/availability ris...