CVE-2023-49102 in NZBGetИнформация

Сводка

по MITRE • 23.11.2023

NZBGet 21.1 allows authenticated remote code execution because the unarchive programs (7za and unrar) preserve executable file permissions. An attacker with the Control capability can execute a file by setting the value of SevenZipCommand or UnrarCmd. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Резервировать

21.11.2023

Раскрытие

23.11.2023

Модерация

принято

Вход

VDB-246032

EPSS

0.01501

KEV

Нет

Деятельности

Очень низкий

Источники

Want to know what is going to be exploited?

We predict KEV entries!