CVE-2023-0315
HIGH8.8EPSS 89.1%Froxlor vulnerable to Command Injection
Published: 1/16/2023Modified: 11/8/2023
Description
Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8.
Affected packages (1)
- Packagist/froxlor/froxlorfrom 0, < 2.0.8
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
References (6)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2023-0315
- PATCHhttps://github.com/Froxlor/Froxlor
- WEBhttp://packetstormsecurity.com/files/171108/Froxlor-2.0.6-Remote-Command-Execution.html
- WEBhttp://packetstormsecurity.com/files/171729/Froxlor-2.0.3-Stable-Remote-Code-Execution.html
- WEBhttps://github.com/froxlor/froxlor/commit/090cfc26f2722ac3036cc7fd1861955bc36f065a
- WEBhttps://huntr.dev/bounties/ff4e177b-ba48-4913-bbfa-ab8ce0db5943