High severity8.8NVD Advisory· Published Nov 22, 2023· Updated Jun 17, 2026
CVE-2023-47315
CVE-2023-47315
Description
Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to a hard-coded JWT Secret. The secret is hardcoded into the source code available to anyone on Git Hub. This secret is used to sign the application’s JWT token and verify the incoming user-supplied tokens.
Affected products
2- Headwind/MDM Web paneldescription
- Range: =5.22.1
Patches
Vulnerability mechanics
References
1- boltonshield.com/en/cve/cve-2023-47315/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.