Vulnerabilities > CVE-2023-6012 - Unspecified vulnerability in Lanaccess Onsafe Monitorhm 3.7.0

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

lanaccess

critical

NVD

Published: 2023-11-08

Updated: 2023-11-16

Summary

An improper input validation vulnerability has been found in Lanaccess ONSAFE MonitorHM affecting version 3.7.0. This vulnerability could lead a remote attacker to exploit the checkbox element and perform remote code execution, compromising the entire infrastructure.

Vulnerable Configurations

Part	Description	Count
Application	Lanaccess Lanaccess Onsafe Monitorhm 3.7.0	1

References

https://www.incibe.es/en/incibe-cert/notices/aviso/incorrect-input-data-validation-lanaccess-onsafe-monitorhm-web-console