Command Injection in froxlor/froxlor
CVE-2023-0315
Key Information:
- Vendor
Froxlor
- Status
- Vendor
- CVE Published:
- 16 January 2023
Badges
What is CVE-2023-0315?
A command injection vulnerability exists in the Froxlor control panel, specifically in versions prior to 2.0.8. This flaw allows an attacker to execute arbitrary commands on the server hosting the Froxlor application. Exploitation of this vulnerability can lead to unauthorized access and control over server operations, posing significant security risks. It is recommended that users upgrade to version 2.0.8 or later to mitigate potential attacks and secure their applications.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
froxlor/froxlor < 2.0.8
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
EPSS Score
90% chance of being exploited in the next 30 days.
CVSS V3.1
CVSS V3.0
Timeline
- π‘
Public PoC available
- πΎ
Exploit known to exist
Vulnerability published
Vulnerability Reserved