High severity8.8NVD Advisory· Published Nov 23, 2023· Updated Jun 17, 2026
CVE-2023-49213
CVE-2023-49213
Description
The API endpoints in Ironman PowerShell Universal 3.0.0 through 4.2.0 allow remote attackers to execute arbitrary commands via crafted HTTP requests if a param block is used, due to invalid sanitization of input strings. The fixed versions are 3.10.2, 4.1.10, and 4.2.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Ironman/PowerShell Universaldescription
Patches
Vulnerability mechanics
References
2- blog.ironmansoftware.com/powershell-universal-apis-cve/nvdExploitMitigationVendor Advisory
- docs.powershelluniversal.com/changelogs/changelognvdRelease Notes
News mentions
0No linked articles in our index yet.