CVE-2023-27842

EUVD-2023-31578
Insecure Permissions vulnerability found in Extplorer File manager eXtplorer v.2.1.15 allows a remote attacker to execute arbitrary code via the index.php compenent
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 97%
Affected Products (NVD)
VendorProductVersion
extplorerextplorer
2.1.15
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
extplorer
focal
dne
jammy
dne
mantic
dne
noble
dne
oracular
dne
xenial
needs-triage
Common Weakness Enumeration
References
http://blog.tristaomarinho.com/extplorer-2-1-15-insecure-permissions-following-remote-code-execution/
http://extplorer.net/
http://extplorer.net/attachments/download/99/eXtplorer_2.1.15.zip
https://github.com/tristao-marinho/CVE-2023-27842
https://github.com/tristao-marinho/CVE-2023-27842/blob/main/README.md
http://blog.tristaomarinho.com/extplorer-2-1-15-insecure-permissions-following-remote-code-execution/
http://extplorer.net/
http://extplorer.net/attachments/download/99/eXtplorer_2.1.15.zip
https://github.com/tristao-marinho/CVE-2023-27842
https://github.com/tristao-marinho/CVE-2023-27842/blob/main/README.md