CVE-2023-46501

9.1 CRITICAL

📋 TL;DR

This vulnerability in BoltWire v6.03 allows remote attackers to bypass authentication and access sensitive administrative functions, including viewing and changing admin passwords. Any organization running the affected BoltWire version is vulnerable to unauthorized access and potential system compromise.

💻 Affected Systems

Products:
  • BoltWire
Versions: v6.03
Operating Systems: All platforms running BoltWire
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of BoltWire v6.03 are vulnerable regardless of configuration

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system takeover with admin password compromise leading to data theft, defacement, or ransomware deployment

🟠 Likely Case: Unauthorized access to the admin panel leading to password changes, configuration modifications, and potential data exposure

🟢 If Mitigated: Limited impact with proper network segmentation and monitoring that detects unauthorized access attempts

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit code available on GitHub with simple payloads requiring no authentication

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing workarounds.

🔧 Temporary Workarounds

Restrict Access to Admin Functions

Applies to: all platforms

Implement IP-based restrictions or authentication requirements for admin endpoints

# Example Apache .htaccess (Apache 2.2 mod_access syntax; the admin range 192.168.1.0/24 is a placeholder, substitute your own):
Order deny,allow
Deny from all
Allow from 192.168.1.0/24
# On Apache 2.4 without mod_access_compat, the equivalent single directive is: Require ip 192.168.1.0/24

# Example Nginx (inside the server block that serves BoltWire):
location /admin/ {
    allow 192.168.1.0/24;
    deny all;
}

Disable Vulnerable Endpoints

Applies to: all platforms

Block or disable the specific vulnerable admin functions

# Use web server rewrite rules or application firewall to block:
# /admin/view_password and /admin/change_password endpoints

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate BoltWire from critical systems
  • Enable detailed logging and monitoring for unauthorized admin access attempts

🔍 How to Verify

Check if Vulnerable:

Test if unauthenticated access to admin password functions is possible using public PoC scripts

Check Version:

Check BoltWire version in admin panel or configuration files

Verify Fix Applied:

Verify that admin password functions now require proper authentication and return access denied for unauthorized requests

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access to /admin/view_password or /admin/change_password endpoints
  • Multiple failed authentication attempts followed by successful admin access

Network Indicators:

  • Unusual traffic patterns to admin endpoints from external IPs
  • HTTP requests with crafted payloads targeting password functions

SIEM Query:

source="web_logs" AND (uri="/admin/view_password" OR uri="/admin/change_password") AND response_code=200 AND NOT user_agent="admin_browser"
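The log and network indicators above, turned into a runnable check over constructed sample access-log lines (combined log format). This is an added example, not part of the advisory; the trusted admin range 192.168.1.0/24 and the sample lines are assumptions.

```python
import ipaddress
import re

# Constructed sample access-log lines (Apache/Nginx combined format), not from a real host.
SAMPLE_LOG = """\
192.168.1.20 - admin [12/Nov/2023:10:01:02 +0000] "GET /admin/view_password HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Nov/2023:10:05:44 +0000] "GET /admin/view_password HTTP/1.1" 200 512 "-" "python-requests/2.31"
203.0.113.7 - - [12/Nov/2023:10:05:45 +0000] "POST /admin/change_password HTTP/1.1" 200 88 "-" "python-requests/2.31"
203.0.113.9 - - [12/Nov/2023:10:06:10 +0000] "GET /admin/view_password HTTP/1.1" 403 12 "-" "curl/8.1"
198.51.100.4 - - [12/Nov/2023:10:07:00 +0000] "GET /index.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

SENSITIVE_PATHS = {"/admin/view_password", "/admin/change_password"}  # endpoints named in the advisory
TRUSTED_NETS = [ipaddress.ip_network("192.168.1.0/24")]  # assumed admin range (placeholder)

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["path"] = rec["path"].split("?", 1)[0]  # drop the query string before comparing
    rec["status"] = int(rec["status"])
    return rec

def is_trusted(ip):
    """True if the client IP falls inside one of the trusted admin networks."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in TRUSTED_NETS)

def find_alerts(log_text):
    """Return (ip, method, path, status) for successful (200) hits on the sensitive
    admin endpoints that came from outside the trusted range or carried no
    authenticated user: the pattern an authentication bypass leaves in the log."""
    alerts = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["path"] not in SENSITIVE_PATHS or rec["status"] != 200:
            continue  # denied (403/401) attempts are worth counting separately, not alerted here
        if not is_trusted(rec["ip"]) or rec["user"] == "-":
            alerts.append((rec["ip"], rec["method"], rec["path"], rec["status"]))
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_LOG):
        print("ALERT", *alert)
```

The check deliberately keys on source IP and authenticated user rather than on User-Agent, since the `user_agent` clause in the SIEM query above relies on a header the client chooses and is easily matched by any script.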
