DRAGOWN/CVE-2023-24709-PoC

nvd.nist.gov

Releases0

In Paradox Security System IPR512 web panel, an unauthenticated user can input JavaScript string, such as that will overwrite configurations in the file "login.xml" and cause the login form to crash and make it unavailable.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-24709 ↗	Mar 21, 2023Tuesday, 21 March 2023, 23:15	7.5 HIGH	—
An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters.