exploitDog

CVE-2023-20852

Опубликовано: 27 апр. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

aEnrich Technology a+HRD has a vulnerability of Deserialization of Untrusted Data within its MSMQ interpreter. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands to perform arbitrary system operation or disrupt service.

Ссылки

https://www.twcert.org.tw/tw/cp-132-7023-8368b-1.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-7023-8368b-1.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:aenrich:a\+hrd:6.8.1039v844:*:*:*:*:*:*:*

EPSS

Процентиль: 69%

0.00601

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-502

Связанные уязвимости

GHSA-wcmw-fjqp-gpmg

CVSS3: 9.8

github

почти 3 года назад

aEnrich Technology a+HRD has a vulnerability of Deserialization of Untrusted Data within its MSMQ interpreter. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands to perform arbitrary system operation or disrupt service.

EPSS

Процентиль: 69%

0.00601

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-502