exploitDog

CVE-2024-33443

Опубликовано: 29 апр. 2024

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

An issue in onethink v.1.1 allows a remote attacker to execute arbitrary code via a crafted script to the AddonsController.class.php component.

Ссылки

https://gist.github.com/LioTree/a81111fb0c598a920cb49aaf0bd64e58
Exploit
Third Party Advisory
https://github.com/liu21st/onethink/issues/40
Exploit
Issue Tracking
Third Party Advisory
https://gist.github.com/LioTree/a81111fb0c598a920cb49aaf0bd64e58
Exploit
Third Party Advisory
https://github.com/liu21st/onethink/issues/40
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:onethink:onethink:1.1:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01322

Низкий

7.1 High

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-jmrw-j3gj-4xq7

CVSS3: 7.1

github

почти 2 года назад

An issue in onethink v.1.1 allows a remote attacker to execute arbitrary code via a crafted script to the AddonsController.class.php component.

EPSS

Процентиль: 80%

0.01322

Низкий

7.1 High

CVSS3

Дефекты

CWE-94