How severe is CVE-2023-5681?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.2 out of 10.

What type of vulnerability is CVE-2023-5681?

This is classified as CWE-89, which is a common weakness in software security.

CVE-2023-5681 - HIGH Severity | CVSS 7.2

Vulnerability Description

A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. This affects an unknown part of the file /admin/list_addr_fwresource_ip.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-243057 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2006-5738

HIGH

CVSS:7.2(High)

Multiple SQL injection vulnerabilities in PunBB before 1.2.14 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors.

CWE-892006

CVE-2014-6045

HIGH

CVSS:7.2(High)

SQL injection vulnerability in phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via vectors involving the restore function.

CWE-892014

CVE-2015-10091

HIGH

CVSS:7.2(High)

A vulnerability has been found in ByWater Solutions bywater-koha-xslt and classified as critical. This vulnerability affects the function StringSearch of the file admin/systempreferences.pl. The manip...

CWE-892015

CVE-2015-2062

HIGH

CVSS:7.2(High)

Multiple SQL injection vulnerabilities in the Huge-IT Slider (slider-image) plugin before 2.7.0 for WordPress allow remote administrators to execute arbitrary SQL commands via the removeslide paramete...

CWE-892015

CVE-2015-5533

HIGH

CVSS:7.2(High)

SQL injection vulnerability in counter-options.php in the Count Per Day plugin before 3.4.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the cpd_keep_...

CWE-892015

CVE-2015-5591

HIGH

CVSS:7.2(High)

SQL injection vulnerability in Zenphoto before 1.4.9 allow remote administrators to execute arbitrary SQL commands.

CWE-892015