exploitDog

CVE-2023-26266

Опубликовано: 21 фев. 2023

Источник: nvd

CVSS3: 7.3

EPSS Низкий

Описание

In AFL++ 4.05c, the CmpLog component uses the current working directory to resolve and execute unprefixed fuzzing targets, allowing code execution.

Ссылки

https://github.com/AFLplusplus/AFLplusplus/pull/1643
Exploit
Patch
https://github.com/AFLplusplus/AFLplusplus/pull/1643
Exploit
Patch

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:afl\+\+_project:afl\+\+:4.05c:*:*:*:*:*:*:*

EPSS

Процентиль: 9%

0.00033

Низкий

7.3 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-427

Связанные уязвимости

CVE-2023-26266

CVSS3: 7.3

ubuntu

почти 3 года назад

In AFL++ 4.05c, the CmpLog component uses the current working directory to resolve and execute unprefixed fuzzing targets, allowing code execution.

CVE-2023-26266

CVSS3: 7.3

debian

почти 3 года назад

In AFL++ 4.05c, the CmpLog component uses the current working director ...

GHSA-62wp-583h-jvfj

CVSS3: 9.8

github

почти 3 года назад

In AFL++ 4.05c, the CmpLog component uses the current working directory to resolve and execute unprefixed fuzzing targets, allowing code execution.

EPSS

Процентиль: 9%

0.00033

Низкий

7.3 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-427