Remote Code Execution Vulnerability in SeaCMS v12.9 by SeaCMS
CVE-2023-46987

8.8HIGH

Key Information:

Vendor: Seacms
Status: Seacms
Vendor: CVE Published:; 28 December 2023

What is CVE-2023-46987?

SeaCMS v12.9 is susceptible to a remote code execution vulnerability that exists in the admin interface located at /augap/adminip.php. This flaw could allow an attacker to execute arbitrary code on the server, posing significant security risks to the applications utilizing this content management system. It is critical for users of affected versions to implement remediation steps to safeguard against potential exploitation.

References

http://seacms.com

http://www.seacms.com/

https://blog.csdn.net/weixin_72610998/article/details/133...

EPSS Score

5% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 28, 2023
Vulnerability Reserved
Oct 30, 2023

Seacms

What is CVE-2023-46987?

References

EPSS Score

CVSS V3.1

Timeline