imx6 bundle

CVEs (3)

CVE	Vendor / Product	CVSS	Published	Description
CVE-2023-45598	AiLux imx6 bundle	—	Mar 5, 2024	A CWE-425 “Direct Request ('Forced Browsing')” vulnerability in the “measure” functionality of the web application allows a remote unauthenticated attacker to access confidential measure information. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
CVE-2023-45596	AiLux imx6 bundle	—	Mar 5, 2024	A CWE-425 “Direct Request ('Forced Browsing')” vulnerability in the “file_configuration” functionality of the web application allows a remote unauthenticated attacker to access confidential configuration files. This issue affects: AiLux imx6 bundle below version…
CVE-2023-45593	AiLux imx6 bundle	—	Mar 5, 2024	A CWE-184 “Incomplete List of Disallowed Inputs” vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than “ http://localhost” ) allows a physical attacker to read arbitrary files on the file system, alter the configuration…

CVE-2023-45598Mar 5, 2024
AiLux
imx6 bundle
risk 0.00cvss —epss 0.00
A CWE-425 “Direct Request ('Forced Browsing')” vulnerability in the “measure” functionality of the web application allows a remote unauthenticated attacker to access confidential measure information. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
CVE-2023-45596Mar 5, 2024
AiLux
imx6 bundle
risk 0.00cvss —epss 0.00
A CWE-425 “Direct Request ('Forced Browsing')” vulnerability in the “file_configuration” functionality of the web application allows a remote unauthenticated attacker to access confidential configuration files. This issue affects: AiLux imx6 bundle below version…
CVE-2023-45593Mar 5, 2024
AiLux
imx6 bundle
risk 0.00cvss —epss 0.00
A CWE-184 “Incomplete List of Disallowed Inputs” vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than “ http://localhost” ) allows a physical attacker to read arbitrary files on the file system, alter the configuration…