Vulnerabilities > CVE-2023-41356 - Unspecified vulnerability in Wisdomgarden Tronclass Ilearn 1.62.41849

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

wisdomgarden

NVD

Published: 2023-11-03

Updated: 2024-11-21

Summary

NCSIST ManageEngine Mobile Device Manager(MDM) APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files.

Vulnerable Configurations

Part	Description	Count
Application	Wisdomgarden Wisdomgarden Tronclass Ilearn 1.62.41849	1

References

https://www.twcert.org.tw/tw/cp-132-7506-b4e29-1.html
https://www.twcert.org.tw/tw/cp-132-7506-b4e29-1.html