CVE-2023-24108 : MvcTools 6d48cd6830fc1df1d8c9d61caa1805fd6a1b7737 was discovered to contain a co

MvcTools 6d48cd6830fc1df1d8c9d61caa1805fd6a1b7737 was discovered to contain a code execution backdoor via the request package (requirements.txt). This vulnerability allows attackers to access sensitive user information and execute arbitrary code.

Published 2023-02-22 04:15:10

Updated 2023-03-02 19:42:45

Source MITRE

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2023-24108

Zetacomponenets » Mvctools » Version: 2008-09-23
cpe:2.3:a:zetacomponenets:mvctools:2008-09-23:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-24108

EPSS FAQ

0.50%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 76 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-24108

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

References for CVE-2023-24108

https://github.com/zetacomponents/MvcTools/

GitHub - zetacomponents/MvcTools
Product
https://github.com/zetacomponents/MvcTools/issues/12

code backdoor · Issue #12 · zetacomponents/MvcTools · GitHub
Exploit

Jump to

Vulnerability Details : CVE-2023-24108

Products affected by CVE-2023-24108

Exploit prediction scoring system (EPSS) score for CVE-2023-24108

CVSS scores for CVE-2023-24108

References for CVE-2023-24108