CVE-2023-42362

An arbitrary file upload vulnerability in Teller Web App v.4.4.0 allows a remote attacker to execute arbitrary commands and obtain sensitive information via uploading a crafted file.
References
Link Resource
https://github.com/Mr-n0b3dy/CVE-2023-42362 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:teller:teller:4.4.0:*:*:*:*:*:*:*

History

19 Sep 2023, 19:34

Type Values Removed Values Added
References (MISC) https://github.com/Mr-n0b3dy/CVE-2023-42362 - (MISC) https://github.com/Mr-n0b3dy/CVE-2023-42362 - Third Party Advisory
First Time Teller
Teller teller
CWE CWE-79
CPE cpe:2.3:a:teller:teller:4.4.0:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.4

15 Sep 2023, 00:31

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-14 21:15

Updated : 2024-02-28 20:33


NVD link : CVE-2023-42362

Mitre link : CVE-2023-42362

CVE.ORG link : CVE-2023-42362


JSON object : View

Products Affected

teller

  • teller
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')