exploitDog

CVE-2023-41149

Опубликовано: 06 сент. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

F-RevoCRM version7.3.7 and version7.3.8 contains an OS command injection vulnerability. If this vulnerability is exploited, an attacker who can access the product may execute an arbitrary OS command on the server where the product is running.

Ссылки

http://jvn.jp/en/jp/JVN78113802/
Third Party Advisory
https://f-revocrm.jp/2023/08/9394/
Vendor Advisory
http://jvn.jp/en/jp/JVN78113802/
Third Party Advisory
https://f-revocrm.jp/2023/08/9394/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:f-revocrm:f-revocrm:7.3.7:*:*:*:*:*:*:*

cpe:2.3:a:f-revocrm:f-revocrm:7.3.8:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00526

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-78

Связанные уязвимости

GHSA-3f2g-h9gm-mf27

CVSS3: 9.8

github

больше 2 лет назад

F-RevoCRM version7.3.7 and version7.3.8 contains an OS command injection vulnerability. If this vulnerability is exploited, an attacker who can access the product may execute an arbitrary OS command on the server where the product is running.

EPSS

Процентиль: 66%

0.00526

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-78