Code Injection in nilsteampassnet/teampass
CVE-2023-2859
Key Information:
- Vendor
Nilsteampassnet
- Status
- Vendor
- CVE Published:
- 24 May 2023
Badges
What is CVE-2023-2859?
A code injection vulnerability has been identified in Teampass, affecting versions prior to 3.0.9. This flaw could allow an attacker to execute arbitrary code within the application, potentially leading to unauthorized access or control over the affected systems. Users are recommended to update their installations to version 3.0.9 or higher to mitigate this vulnerability.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
nilsteampassnet/teampass < 3.0.9
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
EPSS Score
5% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved