exploitDog

CVE-2023-48887

Опубликовано: 01 дек. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

A deserialization vulnerability in Jupiter v1.3.1 allows attackers to execute arbitrary commands via sending a crafted RPC request.

Ссылки

https://github.com/fengjiachun/Jupiter
Product
https://github.com/fengjiachun/Jupiter/issues/115
Exploit
https://github.com/welk1n/JNDI-Injection-Exploit/releases/tag/v1.0
Not Applicable
https://github.com/fengjiachun/Jupiter
Product
https://github.com/fengjiachun/Jupiter/issues/115
Exploit
https://github.com/welk1n/JNDI-Injection-Exploit/releases/tag/v1.0
Not Applicable

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:fengjiachun:jupiter:1.3.1:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00089

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-502

Связанные уязвимости

GHSA-6pqx-v9g4-5hc8

CVSS3: 9.8

github

около 2 лет назад

Jupiter allows attackers to execute arbitrary commands via sending a crafted RPC request

EPSS

Процентиль: 25%

0.00089

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-502