CVE-2023-49102 in NZBGet
Сводка
по MITRE • 23.11.2023
NZBGet 21.1 allows authenticated remote code execution because the unarchive programs (7za and unrar) preserve executable file permissions. An attacker with the Control capability can execute a file by setting the value of SevenZipCommand or UnrarCmd. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
If you want to get best quality of vulnerability data, you may have to visit VulDB.