Discord-Recon is a Discord bot created to automate bug bounty recon, automated scans and information gathering via a discord server. Discord-Recon is vulnerable to remote code execution. An attacker is able to execute shell commands in the server without having an admin role. This vulnerability has been fixed in version 0.0.8.
References
Link | Resource |
---|---|
https://github.com/DEMON1A/Discord-Recon/commit/f9cb0f67177f5e2f1022295ca8e641e47837ec7a | Patch |
https://github.com/DEMON1A/Discord-Recon/issues/23 | Exploit Issue Tracking Third Party Advisory |
https://github.com/DEMON1A/Discord-Recon/security/advisories/GHSA-fjcj-g7x8-4rp7 | Exploit Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
12 Jan 2024, 15:22
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CPE | cpe:2.3:a:demon1a:discord-recon:*:*:*:*:*:discord:*:* cpe:2.3:a:demon1a:discord-recon:0.0.8:beta:*:*:*:discord:*:* |
|
References | () https://github.com/DEMON1A/Discord-Recon/security/advisories/GHSA-fjcj-g7x8-4rp7 - Exploit, Patch, Vendor Advisory | |
References | () https://github.com/DEMON1A/Discord-Recon/commit/f9cb0f67177f5e2f1022295ca8e641e47837ec7a - Patch | |
References | () https://github.com/DEMON1A/Discord-Recon/issues/23 - Exploit, Issue Tracking, Third Party Advisory | |
First Time |
Demon1a discord-recon
Demon1a |
|
CWE | CWE-77 |
09 Jan 2024, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-09 00:15
Updated : 2024-02-28 20:54
NVD link : CVE-2024-21663
Mitre link : CVE-2024-21663
CVE.ORG link : CVE-2024-21663
JSON object : View
Products Affected
demon1a
- discord-recon