CVE-2023-46501

CRITICAL

BoltWire <6.03 - Info Disclosure

Title source: llm

Description

An issue in BoltWire v.6.03 allows a remote attacker to obtain sensitive information via a crafted payload to the view and change admin password function.

Exploits (1)

nomisec WRITEUP 13 stars

by Cyber-Wo0dy · poc

https://github.com/Cyber-Wo0dy/CVE-2023-46501

View Code ZIP pw:eip

References (2)

[Exploit, Third Party Advisory] https://github.com/Cyber-Wo0dy/CVE-2023-46501

[Exploit, Third Party Advisory] https://github.com/Cyber-Wo0dy/report/blob/main/boltwire/v6.03/boltwire_improper_access_control

Scores

CVSS v3 9.1

EPSS 0.1091

EPSS Percentile 93.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

CWE

CWE-284

Status published

Products (1)

boltwire/boltwire 6.03

Published Nov 07, 2023

Tracked Since Feb 18, 2026