Proself Enterprise/Standard Edition Vulnerable to XML External Entity (XXE) Attacks

CVE-2023-45727

7.5HIGH

Key Information

Vendor: North Grid Corporation
Status: Proself Enterprise/standard Edition; Proself Gateway Edition; Proself Mail Sanitize Edition
Vendor: CVE Published:; 18 October 2023

Badges

👾 Exploit Exists🦅 CISA Reported📰 News Worthy

Summary

The vulnerabilities affecting CyberPanel, North Grid Proself, ProjectSend, and Zyxel firewalls are actively being exploited in the wild, posing significant threats to cybersecurity. These vulnerabilities allow attackers to bypass authentication, conduct XML External Entity (XXE) attacks, modify application configurations, and exploit path traversal flaws. These vulnerabilities have been linked to ransomware campaigns and could lead to severe consequences such as data breaches, system compromises, and unauthorized access. Organizations are advised to apply vendor-provided patches or mitigation steps, discontinue use of affected products if fixes are not available, and strengthen monitoring for suspicious activity. The deadline for federal agencies to remediate these vulnerabilities is December 24 or 25, 2024, depending on the specific flaw, and private organizations are strongly encouraged to act promptly to safeguard their systems against exploitation.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2023-45727 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.