Описание
OS command injection vulnerability in Nadesiko3 (PC Version) v3.3.61 and earlier allows a remote attacker to execute an arbitrary OS command when processing compression and decompression on the product.
Ссылки
- Issue TrackingPatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.3.68 (включая)
cpe:2.3:a:kujirahand:nadesiko3:*:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02345
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-78
CWE-78
Связанные уязвимости
EPSS
Процентиль: 84%
0.02345
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-78
CWE-78