Описание
Snipe-IT before version 8.3.3 contains a remote code execution vulnerability that allows an authenticated attacker to upload a malicious backup file containing arbitrary files and execute system commands.
Уязвимые конфигурации
Конфигурация 1Версия до 8.3.3 (исключая)
cpe:2.3:a:snipeitapp:snipe-it:*:*:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.00433
Низкий
9.9 Critical
CVSS3
Дефекты
CWE-434
Связанные уязвимости
CVSS3: 9.9
debian
3 месяца назад
Snipe-IT before version 8.3.3 contains a remote code execution vulnera ...
CVSS3: 9.9
github
3 месяца назад
Snipe-IT before version 8.3.3 contains a remote code execution vulnerability that allows an authenticated attacker to upload a malicious backup file containing arbitrary files and execute system commands.
EPSS
Процентиль: 62%
0.00433
Низкий
9.9 Critical
CVSS3
Дефекты
CWE-434