Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-36622

Disclosure Date: July 05, 2023 (last updated October 08, 2023)
The websocket configuration endpoint of the Loxone Miniserver Go Gen.2 before 14.1.5.9 allows remote authenticated administrators to inject arbitrary OS commands via the timezone parameter.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0