Описание
MaxKB (Max Knowledge Base) is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). A reverse shell vulnerability exists in the module of function library. The vulnerability allow privileged users to create a reverse shell. This vulnerability is fixed in v1.10.4-lts.
Уязвимые конфигурации
Конфигурация 1Версия до 1.10.4 (исключая)
cpe:2.3:a:maxkb:maxkb:*:*:*:*:lts:*:*:*
EPSS
Процентиль: 46%
0.00232
Низкий
4.3 Medium
CVSS3
7.2 High
CVSS3
Дефекты
CWE-94
EPSS
Процентиль: 46%
0.00232
Низкий
4.3 Medium
CVSS3
7.2 High
CVSS3
Дефекты
CWE-94