CRITICAL🇬🇧 English

CVE-2023-24108

CVSS 9.8v3.1pub. 2023-02-22upd. 2025-12-05

MvcTools 6d48cd6830fc1df1d8c9d61caa1805fd6a1b7737 was discovered to contain a code execution backdoor via the request package (requirements.txt). This vulnerability allows attackers to access sensitive user information and execute arbitrary code.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Zetacomponents Mvctools

    APP
    Zetacomponents
    2008-09-23
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2017-15806HIGH8.1ten sam vendor

The send function in the ezcMailMtaTransport class in Zeta Components Mail before 1.8.2 does not properly rest...