CVE-2023-33367

A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing unauthenticated attackers to write PHP files on the server’s root directory, resulting in remote code execution.

Date published : 2023-08-04

https://claroty.com/team82/disclosure-dashboard/cve-2023-33367

https://www.controlid.com.br/en/access-control/idsecure/