Vulnerability Analysis
Origin Validation Error in X-Rite MA-T6
CVE-2023-49900
An unauthenticated remote attacker is able to perform remote code execution due to incorrectly sanitized user input in the SetParameter command.
Injection
No Active Exploit Signals
CVSS Base Score
9.8
CRITICAL
Exploitability:3.9
Impact Score:5.9
Temporal Score:-
EPSS:-
Threat Intelligence Signals
CISA KEV
No
KEV Date Added
—
Ransomware Use
—
KEV Due Date
—
VulnCheck In-the-Wild
No
Nuclei Template
No
EPSS Score
—
EPSS Percentile
—
GHSA ID
GitHub Severity
CRITICAL
SSVC Exploitation
None
SSVC Automatable
Yes
Vulnerability Class
Injection
Identity & Timeline
| Status | - |
| Assigning Authority | - |
| CVSS Version / Source | - |
| Reserved | - |
| Published | - |
| Patch Date (date_public) | - |
| Exploit DB Date | - |
| First GitHub PoC Date | - |
| Last Updated | - |
| Time to Patch (Days to fix) | - |
| Exploit Release Gap | - |
| PoC Release Gap | - |
| Exploit DB References | None identified |
Affected Products & Versions
| Vendor | Product | Affected Versions |
|---|---|---|
| No affected products specified. | ||
Social Buzz