CVE-2023-54337

CRITICAL

Sysax Multi Server - Denial of Service

Title source: rule

Description

Sysax Multi Server 6.95 contains a denial of service vulnerability in the administrative password field that allows attackers to crash the application. Attackers can overwrite the password field with 800 bytes of repeated characters to trigger an application crash and disrupt server functionality.

Exploits (1)

exploitdb WORKING POC

by Luis Martínez · textdoswindows

https://www.exploit-db.com/exploits/51066

View Code ZIP pw:eip

References (3)

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/51066

[Product] https://www.sysax.com/

[Third Party Advisory] https://www.vulncheck.com/advisories/sysax-multi-server-password-denial-of-service-poc

Scores

CVSS v3 9.1

EPSS 0.0001

EPSS Percentile 2.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Classification

CWE

CWE-1284

Status published

Affected Products (1)

sysax/multi_server

Timeline

Published Jan 13, 2026

Tracked Since Feb 18, 2026