exploitDog

CVE-2023-24835

Опубликовано: 27 мар. 2023

Источник: nvd

CVSS3: 7.2

EPSS Низкий

Описание

Softnext Technologies Corp.’s SPAM SQR has a vulnerability of Code Injection within its specific function. An authenticated remote attacker with administrator privilege can exploit this vulnerability to execute arbitrary system command to perform arbitrary system operation or disrupt service.

Ссылки

https://www.twcert.org.tw/tw/cp-132-6955-c7612-1.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-6955-c7612-1.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:softnext:spam_sqr:*:*:*:*:*:*:*:*

Версия до 2.221231 (исключая)

EPSS

Процентиль: 52%

0.00289

Низкий

7.2 High

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-gpxg-3cwf-59mg

CVSS3: 7.2

github

больше 2 лет назад

Softnext Technologies Corp.’s SPAM SQR has a vulnerability of Code Injection within its specific function. An authenticated remote attacker with administrator privilege can exploit this vulnerability to execute arbitrary system command to perform arbitrary system operation or disrupt service.

EPSS

Процентиль: 52%

0.00289

Низкий

7.2 High

CVSS3

Дефекты

CWE-94