dst-admin 1.5.0 /home/masterConsole command privilegier eskalering

InträdeHistoryrelatejsonxmlCTI

Det var en kritisksvag punkt som finns i dst-admin 1.5.0. Som påverkar en okänd funktion filen /home/masterConsole. Manipulering av argumenten command en okänd ingång leder till en sårbarhet klass privilegier eskalering svag punkt. Den rådgivande finns tillgänglig för nedladdning på github.com. Denna svaga punkt är känd som CVE-2023-0648. Attacken på nätet kan. Det finns tekniska detaljer känd. Han deklarerade proof-of-concept. Den exploit kan laddas ner från github.com.

4 Ändringar · 70 Datapunkter

Fält	Skapad 02/02/2023 14:34	Update 1/3 02/02/2023 14:36	Update 2/3 01/03/2023 19:40	Update 3/3 01/03/2023 19:47
software_name	dst-admin	dst-admin	dst-admin	dst-admin
software_version	1.5.0	1.5.0	1.5.0	1.5.0
software_file	/home/masterConsole	/home/masterConsole	/home/masterConsole	/home/masterConsole
software_argument	command	command	command	command
vulnerability_cwe	CWE-77 (privilegier eskalering)	CWE-77 (privilegier eskalering)	CWE-77 (privilegier eskalering)	CWE-77 (privilegier eskalering)
vulnerability_risk	2	2	2	2
cvss3_vuldb_av	N	N	N	N
cvss3_vuldb_ac	L	L	L	L
cvss3_vuldb_pr	L	L	L	L
cvss3_vuldb_ui	N	N	N	N
cvss3_vuldb_s	U	U	U	U
cvss3_vuldb_c	L	L	L	L
cvss3_vuldb_i	L	L	L	L
cvss3_vuldb_a	L	L	L	L
cvss3_vuldb_e	P	P	P	P
cvss3_vuldb_rc	R	R	R	R
exploit_availability	1	1	1	1
exploit_publicity	1	1	1	1
source_cve	CVE-2023-0648	CVE-2023-0648	CVE-2023-0648	CVE-2023-0648
cna_responsible	VulDB	VulDB	VulDB	VulDB
advisory_date	1675292400 (02/02/2023)	1675292400 (02/02/2023)	1675292400 (02/02/2023)	1675292400 (02/02/2023)
cvss2_vuldb_av	N	N	N	N
cvss2_vuldb_ac	L	L	L	L
cvss2_vuldb_ci	P	P	P	P
cvss2_vuldb_ii	P	P	P	P
cvss2_vuldb_ai	P	P	P	P
cvss2_vuldb_e	POC	POC	POC	POC
cvss2_vuldb_rc	UR	UR	UR	UR
cvss2_vuldb_au	S	S	S	S
cvss2_vuldb_rl	ND	ND	ND	ND
cvss3_vuldb_rl	X	X	X	X
cvss2_vuldb_basescore	6.5	6.5	6.5	6.5
cvss2_vuldb_tempscore	5.6	5.6	5.6	5.6
cvss3_vuldb_basescore	6.3	6.3	6.3	6.3
cvss3_vuldb_tempscore	5.7	5.7	5.7	5.7
cvss3_meta_basescore	6.3	6.3	6.3	6.7
cvss3_meta_tempscore	5.7	5.7	5.7	6.5
price_0day	$0-$5k	$0-$5k	$0-$5k	$0-$5k
advisory_url		https://github.com/Ha0Liu/cveAdd/tree/developer/dst-admin%201.5.0%E5%90%8E%E5%8F%B0masterConsole%E6%8E%A5%E5%8F%A3%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C	https://github.com/Ha0Liu/cveAdd/tree/developer/dst-admin%201.5.0%E5%90%8E%E5%8F%B0masterConsole%E6%8E%A5%E5%8F%A3%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C	https://github.com/Ha0Liu/cveAdd/tree/developer/dst-admin%201.5.0%E5%90%8E%E5%8F%B0masterConsole%E6%8E%A5%E5%8F%A3%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C
exploit_url		https://github.com/Ha0Liu/cveAdd/tree/developer/dst-admin%201.5.0%E5%90%8E%E5%8F%B0masterConsole%E6%8E%A5%E5%8F%A3%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C	https://github.com/Ha0Liu/cveAdd/tree/developer/dst-admin%201.5.0%E5%90%8E%E5%8F%B0masterConsole%E6%8E%A5%E5%8F%A3%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C	https://github.com/Ha0Liu/cveAdd/tree/developer/dst-admin%201.5.0%E5%90%8E%E5%8F%B0masterConsole%E6%8E%A5%E5%8F%A3%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C
cve_assigned			1675292400 (02/02/2023)	1675292400 (02/02/2023)
cve_nvd_summary			A vulnerability, which was classified as critical, was found in dst-admin 1.5.0. This affects an unknown part of the file /home/masterConsole. The manipulation of the argument command leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-220035.	A vulnerability, which was classified as critical, was found in dst-admin 1.5.0. This affects an unknown part of the file /home/masterConsole. The manipulation of the argument command leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-220035.
cvss3_cna_basescore				6.3
cvss3_nvd_av				N
cvss3_nvd_ac				L
cvss3_nvd_pr				N
cvss3_nvd_ui				N
cvss3_nvd_s				U
cvss3_nvd_c				H
cvss3_nvd_i				N
cvss3_nvd_a				N
cvss2_nvd_av				N
cvss2_nvd_ac				L
cvss2_nvd_au				S
cvss2_nvd_ci				P
cvss2_nvd_ii				P
cvss2_nvd_ai				P
cvss3_cna_av				N
cvss3_cna_ac				L
cvss3_cna_pr				L
cvss3_cna_ui				N
cvss3_cna_s				U
cvss3_cna_c				L
cvss3_cna_i				L
cvss3_cna_a				L
cve_cna				VulDB
cvss2_nvd_basescore				6.5
cvss3_nvd_basescore				7.5

◂ Tidigare Översikt Nästa ▸

Do you know our Splunk app?

Download it now for free!