exploitDog

CVE-2023-53945

Опубликовано: 19 дек. 2025

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP and port.

Ссылки

https://brainycp.io
Product
https://www.exploit-db.com/exploits/51357
Exploit
Third Party Advisory
https://www.vulncheck.com/advisories/brainycp-remote-code-execution-via-authenticated-crontab-manipulation
Third Party Advisory
https://www.exploit-db.com/exploits/51357
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:brainycp:brainycp:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00358

Низкий

8.8 High

CVSS3

Дефекты

CWE-78

Связанные уязвимости

GHSA-fq6c-qxhp-r3x2

CVSS3: 8.8

github

около 2 месяцев назад

BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP and port.

EPSS

Процентиль: 58%

0.00358

Низкий

8.8 High

CVSS3

Дефекты

CWE-78