GHSA-w7vm-4v3j-vgpw

Published: 04 Aug 2023
Source: github
GitHub: Reviewed
CVSS3: 9.8

Description

PyroCMS remote code execution vulnerability

PyroCMS 3.9 contains a remote code execution (RCE) vulnerability that can be exploited through a server-side template injection (SSTI) flaw. This vulnerability allows a malicious attacker to send customized commands to the server and execute arbitrary code on the affected system.

Packages

Name: pyrocms/pyrocms
Ecosystem: composer
Affected versions: <= 3.9
Fixed version: None

EPSS

Percentile: 98%
0.4933
Medium

CVSS3: 9.8 Critical

Related vulnerabilities

CVSS3: 9.8
nvd
more than 2 years ago

PyroCMS 3.9 contains a remote code execution (RCE) vulnerability that can be exploited through a server-side template injection (SSTI) flaw. This vulnerability allows a malicious attacker to send customized commands to the server and execute arbitrary code on the affected system.
