exploitDog

CVE-2023-24366

Опубликовано: 27 мар. 2023

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

An arbitrary file download vulnerability in rConfig v6.8.0 allows attackers to download sensitive files via a crafted HTTP request.

Ссылки

https://github.com/mrojz/rconfig-exploit/blob/main/CVE-2023-24366.md
Third Party Advisory
https://github.com/mrojz/rconfig-exploit/blob/main/rconfigV6_Local_File_Disclosure.md
Broken Link
https://github.com/mrojz/rconfig-exploit/blob/main/CVE-2023-24366.md
Third Party Advisory
https://github.com/mrojz/rconfig-exploit/blob/main/rconfigV6_Local_File_Disclosure.md
Broken Link

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:rconfig:rconfig:6.8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 55%

0.00325

Низкий

6.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-qxx5-wqw4-5j7v

CVSS3: 6.5

github

почти 3 года назад

An arbitrary file download vulnerability in rConfig v6.8.0 allows attackers to download sensitive files via a crafted HTTP request.

EPSS

Процентиль: 55%

0.00325

Низкий

6.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo