CVE-2021-29465 in discord-recon情報

要約

〜によって MITRE • 2021年04月22日

Discord-Recon is a bot for the Discord chat service. Versions of Discord-Recon 0.0.3 and prior contain a vulnerability in which a remote attacker is able to overwrite any file on the system with the command results. This can result in remote code execution when the user overwrite important files on the system. As a workaround, bot maintainers can edit their `setting.py` file then add `` into the `RCE` variable inside of it to fix the issue without an update. The vulnerability is patched in version 0.0.4.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

責任者

GitHub, Inc.

予約する

2021年03月30日

公開

2021年04月22日

モデレーション

承諾済み

エントリ

VDB-173255

CPE

準備完了

CWE

CWE-94 (確認済み)

CVSS

6.3 (VulDB)

EPSS

0.03684

KEV

いいえ

アクティビティ

非常低い

ソース

MITRE	https://www.cve.org/CVERecord?id=CVE-2021-29465
NVD	https://nvd.nist.gov/vuln/detail/CVE-2021-29465
CVE Details	https://www.cvedetails.com/cve/CVE-2021-29465/

◂ 前概要次 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!