Vulnerabilities

CVE-2023-54327 - Tinycontrol LAN Controller 1.58a Authentication Bypass via Admin Password Change

2025-12-31 0 views admin

CVE ID : CVE-2023-54327 Published : Dec. 30, 2025, 11:15 p.m. | 1 hour, 33 minutes ago Description : Tinycontrol LAN Controller 1.58a contains an authentication bypass vulnerability that allows unauthenticated attackers to change admin passwords through a crafted API request. Attackers can exploit the /stm.cgi endpoint with a specially crafted authentication parameter to disable access controls and modify administrative credentials. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2023-54327

Severity

CRITICAL

Published

Dec. 30, 2025

Impact: authentication bypass

Source: Telegram CVE Monitor

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2023-54327critical

CVE-2023-54327 - Tinycontrol LAN Controller 1.58a Authentication Bypass via Admin Password Change

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2022-50792 - SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x unauthenticated file disclosure vulnerability

CVE-2022-50804 - JM-DATA ONU JF511-TV 1.0.67 Cross-Site Request Forgery (CSRF) Vulnerability

CVE-2022-50803 - JM-DATA ONU JF511-TV 1.0.67 Default Credentials Vulnerability

CVE-2022-50802 - ETAP Safety Manager 1.0.0.32 Unauthenticated Reflected Cross-Site Scripting via ...

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting