Unrated severityNVD Advisory· Published Nov 23, 2023· Updated Aug 2, 2024
Insertion of Sensitive Information into Externally-Accessible File or Directory in BVRP Software SLmail
CVE-2023-4595
Description
An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration files, application files, etc., simply by appending any of the following parameters to the end of the URL: %00 %0a, %20, %2a, %a0, %aa, %c0 and %ca.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: 5.5.0.4433
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.