exploitDog

CVE-2023-36255

Опубликовано: 03 авг. 2023

Источник: nvd

CVSS3: 8.8

EPSS Высокий

Описание

An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL.

Ссылки

http://eramba.com
Broken Link
https://trovent.github.io/security-advisories/TRSA-2303-01/TRSA-2303-01.txt
https://trovent.io/security-advisory-2303-01/
Exploit
Third Party Advisory
https://www.eramba.org
http://eramba.com
Broken Link
https://trovent.github.io/security-advisories/TRSA-2303-01/TRSA-2303-01.txt
https://trovent.io/security-advisory-2303-01/
Exploit
Third Party Advisory
https://www.eramba.org

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:eramba:eramba:3.19.1:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.87697

Высокий

8.8 High

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-9fh9-8mc9-6cwv

CVSS3: 8.8

github

больше 2 лет назад

An issue in Eramba Limited Eramba Enterprise v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL.

EPSS

Процентиль: 99%

0.87697

Высокий

8.8 High

CVSS3

Дефекты

CWE-94