CVE-2023-25719
ConnectWise Control before 22.9.10032 is vulnerable due to failure to validate user-supplied parameters (notably the h parameter in Bin/ConnectWiseControl.Client.exe). This can lead to reflected data and injection of malicious code into a downloaded executable, enabling malicious queries or a den...