Arbitrary Command Execution Vulnerability in SeaCMS by SeaCMS
CVE-2023-46010

9.8CRITICAL

Key Information:

Vendor
Seacms
Status
Seacms
Vendor
CVE Published:
25 October 2023

Summary

An arbitrary command execution vulnerability exists in SeaCMS version 12.9. This flaw allows attackers to execute commands remotely through the admin_safe.php component, posing significant security risks to the affected systems. Organizations utilizing this version of SeaCMS should prioritize patching and security measures to mitigate potential exploits. For more details, refer to official resources.

References

http://seacms.com
https://blog.csdn.net/DGS666/article/details/133795200?sp...

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2023-46010 : Arbitrary Command Execution Vulnerability in SeaCMS by SeaCMS | SecurityVulnerability.io