The vulnerability of the microprogrammed software of the multi-channel voice recorder EasyLog Web+ BRS-5003 and EasyLog Web+ BRS-800 lies in improper control of code generation, allowing intruders to execute arbitrary commands.

The vulnerability of the microprogrammed software of the multi-channel voice recorder EasyLog Web+ BRS-5003 and EasyLog Web+ BRS-800 is related to incorrect code generation control. Exploiting this vulnerability could allow an attacker operating remotely to execute arbitrary commands...

CVE-2023-48390

Multisuns EasyLog web+ has a code injection vulnerability. An unauthenticated remote attacker can exploit this vulnerability to inject code and access the system to perform arbitrary system operations or disrupt service...

CVE-2023-48389

Multisuns EasyLog web+ has a path traversal vulnerability within its parameter in a specific URL. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...

CVE-2023-48388

Multisuns EasyLog web+ has a vulnerability of using hard-coded credentials. An remote attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service...

CVE-2023-48388

Multisuns EasyLog web+ has a vulnerability of using hard-coded credentials. An remote attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service...

CVE-2023-48390

Multisuns EasyLog web+ has a code injection vulnerability. An unauthenticated remote attacker can exploit this vulnerability to inject code and access the system to perform arbitrary system operations or disrupt service...

CVE-2023-48389

Multisuns EasyLog web+ has a path traversal vulnerability within its parameter in a specific URL. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...

Path traversal

Multisuns EasyLog web+ has a path traversal vulnerability within its parameter in a specific URL. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...

Hardcoded credentials

Multisuns EasyLog web+ has a vulnerability of using hard-coded credentials. An remote attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service...

Code injection

Multisuns EasyLog web+ has a code injection vulnerability. An unauthenticated remote attacker can exploit this vulnerability to inject code and access the system to perform arbitrary system operations or disrupt service...

CVE-2023-48390 Multisuns EasyLog web+ - Command Injection

Multisuns EasyLog web+ has a code injection vulnerability. An unauthenticated remote attacker can exploit this vulnerability to inject code and access the system to perform arbitrary system operations or disrupt service...

CVE-2023-48390

CVE-2023-48390 concerns Multisuns EasyLog web+ with an unauthenticated code injection vulnerability. The entry notes that an unauthenticated remote attacker can inject code to gain system access and perform arbitrary operations or disrupt service. The published CVSS v3.1 vector (AV:N/AC:L/PR:N/UI...

CVE-2023-48389

CVE-2023-48389 affects Multisuns EasyLog web+. A path traversal vulnerability in a URL parameter allows an unauthenticated remote attacker to bypass authentication and download arbitrary system files. Documents confirm the vulnerability specifics but do not provide remediation steps or patched ve...

CVE-2023-48389 Multisuns EasyLog web+ - Path Traversal

Multisuns EasyLog web+ has a path traversal vulnerability within its parameter in a specific URL. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...

CVE-2023-48388 Multisuns EasyLog web+ - Use of Hard-coded Password

Multisuns EasyLog web+ has a vulnerability of using hard-coded credentials. An remote attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service...

CVE-2023-48388

CVE-2023-48388 affects Multisuns EasyLog web+ and centers on use of hard-coded credentials. The available connected sources confirm a remote, network-exposed vulnerability allowing an attacker to gain access and perform arbitrary system operations or disrupt service, with CVSS 3.1 vector: AV:N/AC...

CVE-2023-48388 Multisuns EasyLog web+ - Use of Hard-coded Password

Multisuns EasyLog web+ has a vulnerability of using hard-coded credentials. An remote attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service...

Multisuns EasyLog web+ Security Vulnerability

Multisuns EasyLog web+ is an unattended multi-loop digital telephone recording system from Multisuns. A security vulnerability exists in Multisuns EasyLog web+ v1.13.2.8, which can be exploited by remote attackers to break into the code and gain access to the system in order to perform arbitrary...

Multisuns EasyLog web+ Path Traversal Vulnerability

Multisuns EasyLog web+ is an unattended multi-loop digital phone recording system from Multisuns. A path traversal vulnerability exists in Multisuns EasyLog web+ v1.13.2.8, which originates from a path traversal in a specific URL, and can be exploited by a remote attacker to bypass authentication...

Multisuns EasyLog web+ Security Vulnerability

Multisuns EasyLog web+ is an unattended multi-loop digital telephone recording system from China Huading Multisuns. A security vulnerability exists in Multisuns EasyLog web+ v1.13.2.8, which stems from the use of hard-coded credentials, and can be exploited by remote attackers to gain access to t...