Cyber Resilience

CVE-2023-54337

Severity: Medium · Public PoC

Published: 13 January 2026
Modified: 26 January 2026
KEV Added: not listed
Patch: none recorded
CVSS Score (v4.0): 5.1, vector CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score: 0.0049 (38.5th percentile)
Risk Priority: 35 (floored blend · peak EPSS)

Summary

CVE-2023-54337 is a medium-severity Improper Validation of Specified Quantity in Input (CWE-1284) vulnerability in Sysax Multi Server. Its CVSS v4.0 base score is 5.1 (Medium); a separate CVSS v3.1 score of 9.1 is also quoted in the deeper analysis below, and the two vectors disagree on attack vector and privileges required.

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks the CVE at the 38.5th percentile by exploit likelihood, below the median; it is not currently listed in the CISA KEV catalog; and a public proof-of-concept is referenced.

The strongest mitigations identified in this analysis are the NIST SP 800-53 controls SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2023-54337 is a denial-of-service vulnerability in Sysax Multi Server version 6.95, specifically in the administrative password field. Overwriting the password field with 800 bytes of repeated characters crashes the application and disrupts server functionality. The CVE maps to CWE-1284 (Improper Validation of Specified Quantity in Input). Two base scores are quoted for it: a CVSS v3.1 score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H) and, in the header above, a CVSS v4.0 score of 5.1 (AV:L/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N).

Read literally, the v3.1 vector describes exploitation by an unauthenticated attacker over the network, with low complexity and no user interaction, and rates the impact as high to both integrity and availability while sparing confidentiality. The v4.0 vector disagrees on every one of those points except availability: it describes a local attacker who already holds high privileges and needs active user interaction, with no integrity impact. Which reading is right turns on whether the password field can be reached without administrative access, and the available references do not settle that. Until the two vectors are reconciled against the proof-of-concept, treat the 9.1 figure as an upper bound and assess exposure from the actual reachability of the administrative interface. In either reading the effect is the same: an application crash that denies service to legitimate users of the server.

Advisories from VulnCheck and a proof-of-concept on Exploit-DB describe the issue and demonstrate the crash using repeated characters in the password field. The vendor site at sysax.com is referenced, but no patch or vendor mitigation is detailed in the available information. Practitioners should monitor for vendor updates and, in the meantime, restrict network access to the administrative interface.
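The two CVSS vectors quoted on this page (v4.0 in the header, v3.1 in the deeper analysis) do not agree, and a triage workflow should surface that rather than average it away. The following is an added example, not part of the original advisory or of Sysax's code: it parses both vector strings exactly as quoted (the "CVSS:3.1/" prefix is added here because the page quotes the v3.1 vector without one), reports the base metrics on which they differ, and checks which vector actually supports the "remote, unauthenticated" claim made in the prose.

```python
"""Compare the CVSS v3.1 and v4.0 vectors quoted for CVE-2023-54337.

Added example, not part of the original advisory or of Sysax's code. The two
vector strings below are copied from the page; the "CVSS:3.1/" prefix on the
v3.1 vector is added here because the page quotes it without one.
"""

# Vectors as quoted on the page (v3.1 prefix added for a uniform format).
V31 = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"
V40 = ("CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
       "/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X"
       "/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X")

# v3.1 base metrics and the v4.0 base metric that carries the same meaning.
# v3.1 Scope (S) was replaced in v4.0 by the subsequent-system metrics
# SC/SI/SA and has no one-to-one counterpart, so it is not compared
# (in v4.0 the letter S denotes Safety, a different metric).
V31_TO_V40 = {"AV": "AV", "AC": "AC", "PR": "PR", "UI": "UI",
              "C": "VC", "I": "VI", "A": "VA"}


def parse_vector(vector: str) -> tuple[str, dict[str, str]]:
    """Split a CVSS vector string into (version, {metric: value}).

    A leading "CVSS:x.y" component sets the version; if absent, the version is
    reported as "?". Malformed or duplicated components raise ValueError so a
    bad paste is rejected rather than silently compared.
    """
    version = "?"
    metrics: dict[str, str] = {}
    for part in vector.strip().split("/"):
        if part.startswith("CVSS:"):
            version = part[len("CVSS:"):]
            continue
        name, sep, value = part.partition(":")
        if not sep or not name or not value:
            raise ValueError(f"malformed metric component: {part!r}")
        if name in metrics:
            raise ValueError(f"duplicate metric: {name}")
        metrics[name] = value
    return version, metrics


def diff_vectors(v31: str, v40: str) -> dict[str, tuple[str, str]]:
    """Return {v3.1 metric: (v3.1 value, v4.0 value)} for every base metric
    on which the two vectors disagree. Unset v4.0 metrics ("X") are skipped."""
    _, m31 = parse_vector(v31)
    _, m40 = parse_vector(v40)
    diffs: dict[str, tuple[str, str]] = {}
    for old, new in V31_TO_V40.items():
        a, b = m31.get(old), m40.get(new)
        if a is None or b is None or b == "X":
            continue
        if a != b:
            diffs[old] = (a, b)
    return diffs


def remote_unauthenticated(vector: str) -> bool:
    """True when the vector asserts network reach without credentials
    (AV:N and PR:N), which is what the page's prose claims for this CVE."""
    _, m = parse_vector(vector)
    return m.get("AV") == "N" and m.get("PR") == "N"


if __name__ == "__main__":
    for metric, (old, new) in diff_vectors(V31, V40).items():
        print(f"{metric}: v3.1={old} v4.0={new}")
    print("v3.1 remote+unauthenticated:", remote_unauthenticated(V31))
    print("v4.0 remote+unauthenticated:", remote_unauthenticated(V40))
```

Run against the page's two vectors, the diff lists AV (N vs L), PR (N vs H), UI (N vs A) and I (H vs N): only the v3.1 vector supports the remote, unauthenticated reading, so that is the question to raise with whoever owns the scoring before the 9.1 figure drives prioritisation.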


Vulnerability details

Sysax Multi Server 6.95 contains a denial of service vulnerability in the administrative password field that allows attackers to crash the application. Attackers can overwrite the password field with 800 bytes of repeated characters to trigger an application crash and disrupt server functionality.

CWE(s): CWE-1284 Improper Validation of Specified Quantity in Input

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-generated mapping)

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1499.004 Application or System Exploitation (Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Oversized input to a network-reachable administrative interface maps to T1190 (initial access through an exposed service) and to T1499.004 (availability loss through an application crash). The T1190 mapping presumes the interface is Internet-facing and reachable without administrative credentials, as the CVSS v3.1 vector asserts; the CVSS v4.0 vector on this page (AV:L/PR:H) does not, so confirm the exposure of the administrative interface before treating this CVE as an initial-access path.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2012-10060 · same product: Sysax Multi Server
CVE-2024-53458 · same product: Sysax Multi Server
CVE-2026-1092 · shared CWE-1284
CVE-2026-8047 · shared CWE-1284
CVE-2025-14513 · shared CWE-1284
CVE-2025-55398 · shared CWE-1284
CVE-2026-3381 · shared CWE-1284
CVE-2026-27384 · shared CWE-1284
CVE-2021-47824 · shared CWE-1284
CVE-2026-44826 · shared CWE-1284

Affected Assets

Sysax Multi Server 6.95

Mitigating Controls

NIST SP 800-53 r5 (AI-generated mapping)

SI-10 Information Input Validation (prevent)
Directly enforces validation of specified quantities in inputs such as the administrative password field, so an oversized run of repeated characters is rejected before it can crash the application.

SC-5 Denial-of-service Protection (prevent, detect)
Protects against, or limits, the denial-of-service effects of application crashes triggered by malformed input in the password field.

Flaw remediation via patching (prevent)
Facilitates timely remediation of the specific flaw in Sysax Multi Server by patching, which removes the exploitation path; note that no vendor patch is recorded on this page, so this control cannot yet be applied.
