8.8

CVE-2023-27842

Exploit
Insecure Permissions vulnerability found in Extplorer File manager eXtplorer v.2.1.15 allows a remote attacker to execute arbitrary code via the index.php compenent
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ExtplorerExtplorer Version2.1.15
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.4% 0.819
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-277 Insecure Inherited Permissions

A product defines a set of insecure permissions that are inherited by objects that are created by the program.

http://blog.tristaomarinho.com/extplorer-2-1-15-insecure-permissions-following-remote-code-execution/
Third Party Advisory
Exploit
http://extplorer.net/
Product
http://extplorer.net/attachments/download/99/eXtplorer_2.1.15.zip
Product
https://github.com/tristao-marinho/CVE-2023-27842
Third Party Advisory
Exploit
https://github.com/tristao-marinho/CVE-2023-27842/blob/main/README.md
Third Party Advisory
Exploit