exploitDog

CVE-2021-37158

Опубликовано: 10 нояб. 2021

Источник: nvd

CVSS3: 8.8

CVSS2: 9

EPSS Низкий

Описание

An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. An authenticated attacker could inject OS commands by starting a Counter-Strike server and using the map field to enter a Bash command.

Ссылки

https://github.com/OpenGamePanel/OGP-Website/pull/561
Third Party Advisory
https://www.exploit-db.com/exploits/50373
Exploit
Third Party Advisory
VDB Entry
https://github.com/OpenGamePanel/OGP-Website/pull/561
Third Party Advisory
https://www.exploit-db.com/exploits/50373
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opengamepanel:opengamepanel:*:*:*:*:*:linux_kernel:*:*

Версия до 2021-08-14 (включая)

EPSS

Процентиль: 68%

0.00576

Низкий

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-78

Связанные уязвимости

GHSA-gcvf-mvcf-24f4

github

больше 3 лет назад

An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. An authenticated attacker could inject OS commands by starting a Counter-Strike server and using the map field to enter a Bash command.

EPSS

Процентиль: 68%

0.00576

Низкий

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-78