Known Vulnerabilities
CVE-2023-48390
Multisuns EasyLog web+ has a code injection vulnerability. An unauthenticated remote attacker can exploit this vulnerability to inject code and access the system to perform arbitrary system operations or disrupt service.
CRITICAL
CVSS 9.8
Published Dec 15, 2023
CVE-2023-48389
Multisuns EasyLog web+ has a path traversal vulnerability within its parameter in a specific URL. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files.
HIGH
CVSS 7.5
Published Dec 15, 2023
CVE-2023-48388
Multisuns EasyLog web+ has a vulnerability of using hard-coded credentials. An remote attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service.
CRITICAL
CVSS 9.8
Published Dec 15, 2023