CVE-2023-54337

medium

Description

Sysax Multi Server 6.95 contains a denial of service vulnerability in the administrative password field that allows attackers to crash the application. Attackers can overwrite the password field with 800 bytes of repeated characters to trigger an application crash and disrupt server functionality.

References

https://www.vulncheck.com/advisories/sysax-multi-server-password-denial-of-service-poc

https://www.sysax.com/

https://www.exploit-db.com/exploits/51066

Details

Source: Mitre, NVD

Published: 2026-01-13

Updated: 2026-01-14

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

CVSS v4

Base Score: 5.1

Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Severity: Medium

EPSS

EPSS: 0.00022