This vulnerability was discovered and disclosed by Nico Viakowski and myself. This repository will hold the advisory and the exploit.
This repository is only for educational purposes.
- Vendor Website: https://www.kardex.com/en/mlog-control-center
- Exploit on Exploit-DB: https://www.exploit-db.com/exploits/51239
- Blog Post Advisory: https://hesec.de/posts/CVE-2023-22855
- Blog Post Thinking Objects: https://to.com/blog/advisory-kardex-mlog-CVE-2023-22855
- Mitre: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22855
- NVD Entry: https://nvd.nist.gov/vuln/detail/CVE-2023-22855