Description

Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8.

Related CPE's

a

froxlor

froxlor

Vulnerable

References

http://packetstormsecurity.com/files/171108/Froxlor-2.0.6-Remote-Command-Execution.html

http://packetstormsecurity.com/files/171729/Froxlor-2.0.3-Stable-Remote-Code-Execution.html

https://github.com/froxlor/froxlor/commit/090cfc26f2722ac3036cc7fd1861955bc36f065a

PatchThird Party Advisory

https://huntr.dev/bounties/ff4e177b-ba48-4913-bbfa-ab8ce0db5943

ExploitPatchThird Party Advisory

Weaknesses

[email protected]

Primary
CWE-77

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-01-16T01:15:08.937

2 years ago

Last modified

2023-04-06T17:15:09.853

2 years ago