CVE-2023-5677

BrandonRothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API tcptest.cgidid not have a sufficient input validation allowing for a possible remote codeexecution. This flaw can only be exploited after authenticating with anoperator- or administrator-privileged servic...