Directory Traversal vulnerability in Hex-Dragon Plain Craft Launcher 2 version Alpha 1.3.9, allows local attackers to execute arbitrary code and gain sensitive information.
References
| Link | Resource |
|---|---|
| https://gist.github.com/9Bakabaka/d4559b081ce0577dbf415917afc0efb5 | Third Party Advisory |
| https://github.com/9Bakabaka/CVE-2023-36123 | Exploit Third Party Advisory |
| https://gist.github.com/9Bakabaka/d4559b081ce0577dbf415917afc0efb5 | Third Party Advisory |
| https://github.com/9Bakabaka/CVE-2023-36123 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 08:09
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://gist.github.com/9Bakabaka/d4559b081ce0577dbf415917afc0efb5 - Third Party Advisory | |
| References | () https://github.com/9Bakabaka/CVE-2023-36123 - Exploit, Third Party Advisory |
10 Oct 2023, 20:47
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Plain Craft Launcher 2 Project
Plain Craft Launcher 2 Project plain Craft Launcher 2 |
|
| CPE | cpe:2.3:a:plain_craft_launcher_2_project:plain_craft_launcher_2:1.3.9:alpha:*:*:*:*:*:* | |
| CWE | CWE-22 | |
| References | (MISC) https://github.com/9Bakabaka/CVE-2023-36123 - Exploit, Third Party Advisory | |
| References | (MISC) https://gist.github.com/9Bakabaka/d4559b081ce0577dbf415917afc0efb5 - Third Party Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
07 Oct 2023, 00:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-10-07 00:15
Updated : 2024-11-21 08:09
NVD link : CVE-2023-36123
Mitre link : CVE-2023-36123
CVE.ORG link : CVE-2023-36123
JSON object : View
Products Affected
plain_craft_launcher_2_project
- plain_craft_launcher_2
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')