Описание
Softaculous Webuzo contains an authentication bypass vulnerability through the password reset functionality. Remote, anonymous attackers can exploit this vulnerability to gain full server access as the root user.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.2.9 (исключая)
cpe:2.3:a:softaculous:webuzo:*:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.0005
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-697
CWE-697
Связанные уязвимости
CVSS3: 9.8
github
больше 1 года назад
Softaculous Webuzo contains an authentication bypass vulnerability through the password reset functionality. Remote, anonymous attackers can exploit this vulnerability to gain full server access as the root user.
EPSS
Процентиль: 16%
0.0005
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-697
CWE-697