CVE-2023-49102 in NZBGetالمعلومات

الملخص

بحسب MITRE • 23/11/2023

NZBGet 21.1 allows authenticated remote code execution because the unarchive programs (7za and unrar) preserve executable file permissions. An attacker with the Control capability can execute a file by setting the value of SevenZipCommand or UnrarCmd. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

حجز

21/11/2023

إفشاء

23/11/2023

الاعتدال

تمت الموافقة

إدخال

VDB-246032

EPSS

0.01501

KEV

لا

النشاطات

منخفض جدًا

المصادر

Interested in the pricing of exploits?

See the underground prices here!