CVE-2023-23314

Description

An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file.

Related CPE's

a zdir_project zdir 3.2.0 *******

References

https://github.com/helloxz/zdir/issues/90

ExploitIssue TrackingPatchThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io