Cyber Resilience

CVE-2023-54335

CriticalPublic PoC

Published: 13 January 2026

Published
13 January 2026
Modified
03 February 2026
KEV Added
Patch
CVSS Score v4 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0496 91.1th percentile
Risk Priority 70 floored blend · peak EPSS

Summary

CVE-2023-54335 is a critical-severity Missing Authentication for Critical Function (CWE-306) vulnerability in Extplorer Extplorer. Its CVSS base score is 9.3 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 8.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 IA-2 (Identification and Authentication (Organizational Users)) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2023-54335 is an authentication bypass vulnerability affecting eXtplorer 2.1.14, a file management system. The flaw enables attackers to log in without a password by manipulating the login request, as detailed in the CVE description. It is rated critical with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and maps to CWE-306 (Missing Authentication for Critical Function).

Remote attackers require no privileges, user interaction, or special access to exploit this vulnerability over the network with low complexity. Upon bypassing authentication, attackers can upload malicious PHP files to the vulnerable file management system, achieving remote code execution on the server.

Advisories such as the VulnCheck report on the authentication bypass and remote code execution provide further technical details, while a proof-of-concept exploit is available on Exploit-DB (ID 51067). Practitioners should review the eXtplorer website (extplorer.net) and referenced sources for any patch or mitigation guidance. The CVE was published on 2026-01-13.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login without a password by manipulating the login request. Attackers can exploit this flaw to upload malicious PHP files and execute remote commands on the vulnerable file management system.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability is an authentication bypass in a public-facing web-based file management system (eXtplorer), enabling remote unauthenticated attackers to gain access and upload malicious PHP files for RCE, directly facilitating T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-4810Shared CWE-306
CVE-2025-53847Shared CWE-306
CVE-2025-61757Shared CWE-306
CVE-2025-68715Shared CWE-306
CVE-2026-21992Shared CWE-306
CVE-2025-26362Shared CWE-306
CVE-2026-48692Shared CWE-306
CVE-2022-50981Shared CWE-306
CVE-2025-58083Shared CWE-306
CVE-2025-21515Shared CWE-306

Affected Assets

extplorer
extplorer
≤ 2.1.14

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

IA-2 requires robust identification and authentication for organizational users, directly preventing authentication bypass vulnerabilities like manipulating login requests in eXtplorer.

prevent

SI-10 enforces information input validation, blocking manipulation of login requests that enable passwordless access.

prevent

SI-2 mandates timely flaw remediation, ensuring the specific authentication bypass in eXtplorer 2.1.14 is patched to stop exploitation.

References