Описание
SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in the web configuration interface that permits an authenticated user to execute arbitrary Python commands on the underlying operating system.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
- ProductVendor Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- ProductVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sabnzbd:sabnzbd:2.3.9:*:*:*:*:*:*:*
cpe:2.3:a:sabnzbd:sabnzbd:3.0.0:alpha2:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.09605
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 8.8
ubuntu
больше 5 лет назад
SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in the web configuration interface that permits an authenticated user to execute arbitrary Python commands on the underlying operating system.
CVSS3: 8.8
debian
больше 5 лет назад
SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in ...
EPSS
Процентиль: 93%
0.09605
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-78