exploitDog

CVE-2023-42280

Опубликовано: 21 сент. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

mee-admin 1.5 is vulnerable to Directory Traversal. The download method in the CommonFileController.java file does not verify the incoming data, resulting in arbitrary file reading.

Ссылки

https://github.com/zaizainani/-Vulnerability-recurrence-sorting/blob/main/anyfiledown-en.pdf
Exploit
Third Party Advisory
https://github.com/zaizainani/-Vulnerability-recurrence-sorting/blob/main/anyfiledown-en.pdf
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:springernature:mee-admin:1.5:*:*:*:*:*:*:*

EPSS

Процентиль: 51%

0.00283

Низкий

7.5 High

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-m69v-fw3j-m3f7

CVSS3: 7.5

github

больше 2 лет назад

mee-admin 1.5 is vulnerable to Directory Traversal. The download method in the CommonFileController.java file does not verify the incoming data, resulting in arbitrary file reading.

EPSS

Процентиль: 51%

0.00283

Низкий

7.5 High

CVSS3

Дефекты

CWE-22