How severe is CVE-2023-29446?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2023-29446?

This is classified as CWE-40, which is a common weakness in software security.

CVE-2023-29446

MEDIUM Year: 2023

CVSS v3 Score

4.7

Medium

Weakness Type

CWE-40

View all →

Vulnerability Description

An improper input validation vulnerability has been discovered that could allow an adversary to inject a UNC path via a malicious project file. This allows an adversary to capture NLTMv2 hashes and potentially crack them offline.

CVE-2025-32103

MEDIUM

CVSS:5.0(Medium)

CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows directory traversal via the /WebInterface/function/ URI to read files accessible by SMB at UNC share pathnames, bypassing SecurityMa...

CWE-402025

CVE-2025-32103

MEDIUM

CVSS:5.0(Medium)

CWE-402025

CVE-2023-29446

Vulnerability Description

Related Vulnerabilities

CVE-2025-32103

CVE-2025-32103