CVE-2023-49863

An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the `downloadURL_webpimage` parameter.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1880	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:wwbn:avideo:-:*:*:*:*:*:*:*

History

18 Jan 2024, 19:29

Type	Values Removed	Values Added
References	~~() https://talosintelligence.com/vulnerability_reports/TALOS-2023-1880 -~~	() https://talosintelligence.com/vulnerability_reports/TALOS-2023-1880 - Exploit, Third Party Advisory
CPE		cpe:2.3:a:wwbn:avideo:-:::::::*
CWE		CWE-610
First Time		Wwbn avideo Wwbn

10 Jan 2024, 18:15

Type	Values Removed	Values Added
Summary		(es) Existe una vulnerabilidad de divulgación de información en la funcionalidad de carga de imágenes aVideoEncoderReceiveImage.json.php de la confirmación maestra de desarrollo de WWBN AVideo 15fed957fb. Una solicitud HTTP especialmente manipulada puede provocar la lectura de archivos arbitrarios. Esta vulnerabilidad se activa mediante el parámetro `downloadURL_webpimage`.
References	~~{'url': 'https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1880', 'source': 'talos-cna@cisco.com'}~~

10 Jan 2024, 16:59

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-01-10 16:15

Updated : 2024-01-18 19:29

NVD link : CVE-2023-49863

Mitre link : CVE-2023-49863

CVE.ORG link : CVE-2023-49863

JSON object : View

Products Affected

wwbn

avideo

CWE

CWE-610

Externally Controlled Reference to a Resource in Another Sphere

CWE-73

External Control of File Name or Path

{"id": "CVE-2023-49863", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2024-01-10T16:15:49.180", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1880", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-610"}]}, {"type": "Secondary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-73"}]}], "descriptions": [{"lang": "en", "value": "An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the `downloadURL_webpimage` parameter."}, {"lang": "es", "value": "Existe una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en la funcionalidad de carga de im\u00e1genes aVideoEncoderReceiveImage.json.php de la confirmaci\u00f3n maestra de desarrollo de WWBN AVideo 15fed957fb. Una solicitud HTTP especialmente manipulada puede provocar la lectura de archivos arbitrarios. Esta vulnerabilidad se activa mediante el par\u00e1metro `downloadURL_webpimage`."}], "lastModified": "2024-01-18T19:29:12.637", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wwbn:avideo:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1AF6154-CDE7-45F9-9F6F-FDBC2D4E42B1"}], "operator": "OR"}]}], "sourceIdentifier": "talos-cna@cisco.com"}