exploitDog

GHSA-99wp-pqm6-2vh4

Опубликовано: 29 апр. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Sed Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. An authenticated remote attacker with low privileges can execute arbitrary code under root context.

Sed Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. An authenticated remote attacker with low privileges can execute arbitrary code under root context.

Ссылки

EPSS

Процентиль: 82%

0.01681

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-20

CWE-74

CWE-77

Связанные уязвимости

CVE-2022-1509

CVSS3: 9.9

nvd

почти 4 года назад

Command Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. An authenticated remote attacker with low privileges can execute arbitrary code under root context.

EPSS

Процентиль: 82%

0.01681

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-20

CWE-74

CWE-77