CVE-2023-0315 | Severity.io

Description

Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8.

Related CPE's

Vulnerable

References

http://packetstormsecurity.com/files/171108/Froxlor-2.0.6-Remote-Command-Execution.html

http://packetstormsecurity.com/files/171729/Froxlor-2.0.3-Stable-Remote-Code-Execution.html

https://github.com/froxlor/froxlor/commit/090cfc26f2722ac3036cc7fd1861955bc36f065a

PatchThird Party Advisory

https://huntr.dev/bounties/ff4e177b-ba48-4913-bbfa-ab8ce0db5943

ExploitPatchThird Party Advisory

http://packetstormsecurity.com/files/171108/Froxlor-2.0.6-Remote-Command-Execution.html

http://packetstormsecurity.com/files/171729/Froxlor-2.0.3-Stable-Remote-Code-Execution.html

https://github.com/froxlor/froxlor/commit/090cfc26f2722ac3036cc7fd1861955bc36f065a

PatchThird Party Advisory

https://huntr.dev/bounties/ff4e177b-ba48-4913-bbfa-ab8ce0db5943

ExploitPatchThird Party Advisory

Weaknesses

[email protected]

Secondary

CWE-77

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 · High

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-01-16T00:15:08.937Z

3 years ago

Last modified

2024-11-21T06:36:57.423Z

1 year ago