Unifiedremote

unifiedremote

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Unified Remote

unified_remote

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-52252 1Unifiedremote 1Unified Remote Nov 21, 2024 Dec 30, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Unified Remote 3.13.0 allows remote attackers to execute arbitrary Lua code because of a wildcarded Access-Control-Allow-Origin for the Remote upload endpoint.
CVE-2022-3229 1Unifiedremote 1Unified Remote Mar 25, 2025 Feb 6, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Because the web management interface for Unified Intents' Unified Remote solution does not itself require authentication, a remote, unauthenticated attacker can change or disable authentication requirements for the Unifi...Show more Because the web management interface for Unified Intents' Unified Remote solution does not itself require authentication, a remote, unauthenticated attacker can change or disable authentication requirements for the Unified Remote protocol, and leverage this now-unauthenticated access to run code of the attacker's choosing.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2023-52252

1Unifiedremote

1Unified Remote

Nov 21, 2024

Dec 30, 2023

N/A· v4

9.8 CRITICAL· v3

N/A· v2

Unified Remote 3.13.0 allows remote attackers to execute arbitrary Lua code because of a wildcarded Access-Control-Allow-Origin for the Remote upload endpoint.

CVE-2022-3229

1Unifiedremote

1Unified Remote

Mar 25, 2025

Feb 6, 2023

N/A· v4

9.8 CRITICAL· v3

N/A· v2

Because the web management interface for Unified Intents' Unified Remote solution does not itself require authentication, a remote, unauthenticated attacker can change or disable authentication requirements for the Unified Remote protocol, and leverage this now-unauthenticated access to run code of the attacker's choosing.Show less