ГлавнаяУязвимости → CVE-2023-54335
9.8критическая

CVE-2023-54335

Описание

eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login without a password by manipulating the login request. Attackers can exploit this flaw to upload malicious PHP files and execute remote commands on the vulnerable file management system.

Затрагиваемое ПО
Extplorer Extplorer
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://extplorer.net/https://www.exploit-db.com/exploits/51067https://www.vulncheck.com/advisories/extplorer-authentication-bypass-remote-code-execution-rcehttps://www.exploit-db.com/exploits/51067