exploitDog

CVE-2023-43187

Опубликовано: 27 сент. 2023

Источник: nvd

CVSS3: 9.8

EPSS Критический

Описание

A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC requests.

Ссылки

https://github.com/jagat-singh-chaudhary/CVE/blob/main/CVE-2023-43187
Exploit
Third Party Advisory
https://github.com/jagat-singh-chaudhary/CVE/blob/main/CVE-2023-43187
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:nodebb:nodebb:*:*:*:*:*:*:*:*

Версия до 1.18.6 (исключая)

EPSS

Процентиль: 100%

0.90105

Критический

9.8 Critical

CVSS3

Дефекты

CWE-91

Связанные уязвимости

GHSA-2h59-fhpr-vfx4

CVSS3: 9.8

github

больше 2 лет назад

A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC requests.

EPSS

Процентиль: 100%

0.90105

Критический

9.8 Critical

CVSS3

Дефекты

CWE-91