CVE-2023-54335

CriticalPublic PoC

Published: 13 January 2026

Published

13 January 2026

Modified

03 February 2026

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0069 72.0th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-54335 is a critical-severity Missing Authentication for Critical Function (CWE-306) vulnerability in Extplorer Extplorer. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 28.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 IA-2 (Identification and Authentication (Organizational Users)) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

IA-2 Identification and Authentication (Organizational Users) good match

prevent

IA-2 requires robust identification and authentication for organizational users, directly preventing authentication bypass vulnerabilities like manipulating login requests in eXtplorer.

SI-10 Information Input Validation good match

prevent

SI-10 enforces information input validation, blocking manipulation of login requests that enable passwordless access.

SI-2 Flaw Remediation good match

prevent

SI-2 mandates timely flaw remediation, ensuring the specific authentication bypass in eXtplorer 2.1.14 is patched to stop exploitation.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

The vulnerability is an authentication bypass in a public-facing web-based file management system (eXtplorer), enabling remote unauthenticated attackers to gain access and upload malicious PHP files for RCE, directly facilitating T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login without a password by manipulating the login request. Attackers can exploit this flaw to upload malicious PHP files and execute remote commands on the vulnerable file management system.

Deeper analysisAI

CVE-2023-54335 is an authentication bypass vulnerability affecting eXtplorer 2.1.14, a file management system. The flaw enables attackers to log in without a password by manipulating the login request, as detailed in the CVE description. It is rated critical with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and maps to CWE-306 (Missing Authentication for Critical Function).

Remote attackers require no privileges, user interaction, or special access to exploit this vulnerability over the network with low complexity. Upon bypassing authentication, attackers can upload malicious PHP files to the vulnerable file management system, achieving remote code execution on the server.

Advisories such as the VulnCheck report on the authentication bypass and remote code execution provide further technical details, while a proof-of-concept exploit is available on Exploit-DB (ID 51067). Practitioners should review the eXtplorer website (extplorer.net) and referenced sources for any patch or mitigation guidance. The CVE was published on 2026-01-13.