dst-admin v1.5.0 was discovered to contain a remote command execution (RCE) vulnerability via the userId parameter at /home/playerOperate.
References
Link | Resource |
---|---|
https://github.com/Libestor/someCVE/tree/main/dst-admin-RCE | Exploit Third Party Advisory |
Configurations
History
25 Sep 2023, 13:43
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-94 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
References | (MISC) https://github.com/Libestor/someCVE/tree/main/dst-admin-RCEĀ - Exploit, Third Party Advisory | |
First Time |
Dst-admin Project
Dst-admin Project dst-admin |
|
CPE | cpe:2.3:a:dst-admin_project:dst-admin:1.5.0:*:*:*:*:*:*:* |
22 Sep 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-22 19:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-43270
Mitre link : CVE-2023-43270
CVE.ORG link : CVE-2023-43270
JSON object : View
Products Affected
dst-admin_project
- dst-admin
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')