exploitDog

CVE-2023-54331

Опубликовано: 13 янв. 2026

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

Outline 1.6.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the OutlineService executable to inject malicious code that will be executed with LocalSystem permissions.

Ссылки

https://getoutline.org/
Product
https://www.exploit-db.com/exploits/51128
Exploit
Third Party Advisory
https://www.vulncheck.com/advisories/outline-unquoted-service-path
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:getoutline:outline:-:*:*:*:*:*:*:*

EPSS

Процентиль: 2%

0.00014

Низкий

7.8 High

CVSS3

Дефекты

CWE-428

Связанные уязвимости

GHSA-368x-rx64-j3wc

CVSS3: 8.4

github

24 дня назад

Outline 1.6.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the OutlineService executable to inject malicious code that will be executed with LocalSystem permissions.

EPSS

Процентиль: 2%

0.00014

Низкий

7.8 High

CVSS3

Дефекты

CWE-428