CVE-2023-1773

A vulnerability was found in Rockoa 2.3.2. It has been declared as critical. This vulnerability affects unknown code of the file webmainConfig.php of the component Configuration File Handler. The manipulation leads to code injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-224674 is the identifier assigned to this vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:a:rockoa:rockoa:2.3.2:*:*:*:*:*:*:*

History

21 Nov 2024, 07:39

Type Values Removed Values Added
References () https://gitee.com/galaxies2580/cve/blob/master/xinhuv2.3.2.md - Permissions Required () https://gitee.com/galaxies2580/cve/blob/master/xinhuv2.3.2.md - Permissions Required
References () https://vuldb.com/?ctiid.224674 - Third Party Advisory () https://vuldb.com/?ctiid.224674 - Third Party Advisory
References () https://vuldb.com/?id.224674 - Third Party Advisory () https://vuldb.com/?id.224674 - Third Party Advisory
CVSS v2 : 6.5
v3 : 9.8
v2 : 6.5
v3 : 6.3

Information

Published : 2023-03-31 12:15

Updated : 2024-11-21 07:39


NVD link : CVE-2023-1773

Mitre link : CVE-2023-1773

CVE.ORG link : CVE-2023-1773


JSON object : View

Products Affected

rockoa

  • rockoa
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')