Vulnerability Details : CVE-2023-31465
Potential exploit
An issue was discovered in FSMLabs TimeKeeper 8.0.17 through 8.0.28. By intercepting requests from various timekeeper streams, it is possible to find the getsamplebacklog call. Some query parameters are passed directly in the URL and named arg[x], with x an integer starting from 1; it is possible to modify arg[2] to insert Bash code that will be executed directly by the server.
Products affected by CVE-2023-31465
- cpe:2.3:a:fsmlabs:timekeeper:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-31465
5.11%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 93 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-31465
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
References for CVE-2023-31465
-
https://fsmlabs.com/fsmlabs-cybersecurity/
FSMLabs Cybersecurity - FSMLabsProduct
-
https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-2023-31465.md
Disclosure/CVE PoC/CVE-2023-31465.md at main · CapgeminiCisRedTeam/Disclosure · GitHubExploit;Third Party Advisory
Jump to