CVE-2023-45593
6.8MEDIUMA CWE-184 “Incomplete List of Disallowed Inputs” vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than “ http://localhost” ) allows a physical attacke
게시됨: 3/5/2024업데이트됨: 4/10/2025
설명
A CWE-184 “Incomplete List of Disallowed Inputs” vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than “ http://localhost” ) allows a physical attacker to read arbitrary files on the file system, alter the configuration of the embedded browser, and have other unspecified impacts to the confidentiality, integrity, and availability of the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
AI 분석AI 기반
영향받는 제품
ailuximx6
참조
- https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-45593Third Party Advisory
- https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-45593Third Party Advisory