SQL Injection Vulnerability in Wifi Soft Unibox Administration by Wifi Soft
CVE-2023-34635

9.8CRITICAL

Key Information:

Vendor: Wifi-soft
Status: Unibox Administration
Vendor: CVE Published:; 31 July 2023

What is CVE-2023-34635?

The Wifi Soft Unibox Administration product versions 3.0 and 3.1 are exposed to an SQL Injection vulnerability due to insufficient user input validation. This flaw allows attackers to exploit the login page's username field, potentially gaining unauthorized access to the database. Proper validation and sanitization mechanisms are essential to mitigate the risk associated with untrusted input.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://packetstormsecurity.com/files/173669/Wifi-Soft-Uni...

https://www.exploit-db.com/exploits/51610

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 31, 2023
Vulnerability Reserved
Jun 7, 2023

JSON

Wifi-soft

What is CVE-2023-34635?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.