exploitDog

CVE-2023-3767

Опубликовано: 27 сент. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

An OS command injection vulnerability has been found on EasyPHP Webserver affecting version 14.1. This vulnerability could allow an attacker to get full access to the system by sending a specially crafted exploit to the /index.php?zone=settings parameter.

Ссылки

https://www.incibe.es/incibe-cert/alerta-temprana/avisos/inyeccion-de-comandos-os-en-easyphp-webserver
Third Party Advisory
https://www.incibe.es/incibe-cert/alerta-temprana/avisos/inyeccion-de-comandos-os-en-easyphp-webserver
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:easyphp:webserver:14.1:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00787

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-78

CWE-78

Связанные уязвимости

GHSA-2v7x-3r8r-xgw9

CVSS3: 9.8

github

больше 2 лет назад

An OS command injection vulnerability has been found on EasyPHP Webserver affecting version 14.1. This vulnerability could allow an attacker to get full access to the system by sending a specially crafted exploit to the /index.php?zone=settings parameter.

EPSS

Процентиль: 73%

0.00787

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-78

CWE-78