CVE-2023-34723
Vulnerability Type: Directory Indexing, allows a threat actor to list the contents of specific directories outside of the web root context.
CVE-2023-34724
Vulnerability Type: On-Chip Debug and Test Interface With Improper Access Control, allows a threat actor unrestricted access to the root filesystem using an exposed UART interface, without the need for authentication.
CVE-2023-34725
Vulnerability Type: Incorrect Access Control, allows a threat actor access to sensitive systems configuration files without proper authentication or authorisation.
I wrote a newsletter on how to use Excel to hunt your data for threats.
I started a free newsletter to share threat hunting tips.