CVE-2023-22855 : Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spaw

Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method (Path.Combine from .NET) without proper sanitisation. This yields the possibility of including local files, as well as remote files on SMB shares. If one provides a file with the extension .t4, it is rendered with the .NET templating engine mono/t4, which can execute code.

Published 2023-02-15 21:15:11

Updated 2025-03-19 17:15:37

Source MITRE

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2023-22855

Kardex » Kardex Control Center » Version: 5.7.12+0-a203c2a213-master
cpe:2.3:a:kardex:kardex_control_center:5.7.12\+0-a203c2a213-master:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-22855

EPSS FAQ

65.88%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 98 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-22855

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	134c704f-9b21-4f2e-91b3-4a467353bcc0	2025-03-19
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2023-22855

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Assigned by:
- 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
- nvd@nist.gov (Primary)

References for CVE-2023-22855

https://github.com/patrickhener/CVE-2023-22855/blob/main/advisory/advisory.md

CVE-2023-22855/advisory.md at main · patrickhener/CVE-2023-22855 · GitHub
Exploit;Third Party Advisory
http://packetstormsecurity.com/files/171689/Kardex-Mlog-MCC-5.7.12-Remote-Code-Execution.html

Kardex Mlog MCC 5.7.12 Remote Code Execution ≈ Packet Storm
https://www.exploit-db.com/exploits/51239

Kardex Mlog MCC 5.7.12 - RCE (Remote Code Execution) - Windows remote Exploit
http://packetstormsecurity.com/files/171046/Kardex-Mlog-MCC-5.7.12-0-a203c2a213-master-File-Inclusion-Remote-Code-Execution.html

Kardex Mlog MCC 5.7.12+0-a203c2a213-master File Inclusion / Remote Code Execution ≈ Packet Storm
Exploit;Third Party Advisory;VDB Entry
http://seclists.org/fulldisclosure/2023/Feb/10

Full Disclosure: Remote Code Execution in Kardex MLOG
Exploit;Mailing List;Third Party Advisory

Jump to

Vulnerability Details : CVE-2023-22855

Products affected by CVE-2023-22855

Exploit prediction scoring system (EPSS) score for CVE-2023-22855

CVSS scores for CVE-2023-22855

CWE ids for CVE-2023-22855

References for CVE-2023-22855