9.1
CVE-2023-54337
- EPSS 0.49%
- Veröffentlicht 13.01.2026 22:52:08
- Zuletzt bearbeitet 26.01.2026 16:15:56
- Quelle disclosure@vulncheck.com
- CVE-Watchlists
- Unerledigt
Sysax Multi Server 6.95 - 'Password' Denial of Service (PoC)
Sysax Multi Server 6.95 contains a denial of service vulnerability in the administrative password field that allows attackers to crash the application. Attackers can overwrite the password field with 800 bytes of repeated characters to trigger an application crash and disrupt server functionality.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sysax ≫ Multi Server Version6.95
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.49% | 0.384 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| disclosure@vulncheck.com | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
|
| disclosure@vulncheck.com | 5.1 | 0 | 0 |
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| nvd@nist.gov | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
|
CWE-1284 Improper Validation of Specified Quantity in Input
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.
https://www.sysax.com/
https://www.exploit-db.com/exploits/51066
https://www.vulncheck.com/advisories/sysax-multi-server-password-denial-of-service-poc