CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27795
https://notcve.org/view.php?id=CVE-2023-27795
An issue found in IXP Data Easy Install v.6.6.14884.0 allows a local attacker to gain privileges via a static XOR key. Un problema encontrado en IXP Data Easy Install v.6.6.14884.0 permite a un atacante local obtener privilegios a través de una clave XOR estática. • https://www.bramfitt-tech-labs.com/article/easy-install-cve-issue • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27792
https://notcve.org/view.php?id=CVE-2023-27792
An issue found in IXP Data Easy Install v.6.6.14884.0 allows an attacker to escalate privileges via lack of permissions applied to sub directories. Un problema encontrado en IXP Data Easy Install v.6.6.14884.0 permite a un atacante escalar privilegios debido a la falta de permisos aplicados a los subdirectorios. • https://www.bramfitt-tech-labs.com/article/easy-install-cve-issue • CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-30131
https://notcve.org/view.php?id=CVE-2023-30131
An issue discovered in IXP EasyInstall 6.6.14884.0 allows attackers to run arbitrary commands, gain escalated privilege, and cause other unspecified impacts via unauthenticated API calls. Un problema descubierto en IXP EasyInstall 6.6.14884.0 permite a los atacantes ejecutar comandos arbitrarios, obtener privilegios elevados y causar otros impactos no especificados a través de llamadas API no autenticadas. • https://www.bramfitt-tech-labs.com/article/easy-install-cve-issue • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27791
https://notcve.org/view.php?id=CVE-2023-27791
An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate privileges via insecure PRNG. Un problema encontrado en IXP Data Easy Install 6.6.148840 permite a un atacante remoto escalar privilegios a través de PRNG inseguro. • https://www.bramfitt-tech-labs.com/article/easy-install-cve-issue • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •