SolarWinds has released their Access Rights Manager version 2023.2.3, in which several vulnerabilities associated with Deserialization and Directory Traversal leading to Remote code execution have been fixed. The CVEs of these vulnerabilities were assigned with CVE-2023-40057 (Deserialization of Untrusted Data Remote Code Execution) CVE-2023-23476 (Directory Traversal Remote Code Execution Vulnerability) CVE-2023-23477 (Directory Traversal Remote Code Execution Vulnerability) CVE-2023-23478 (Deserialization of Untrusted Data Remote Code Execution) and CVE-2023-23479 (Directory Traversal Remote Code Execution Vulnerability).

Source: GBHackers