CVE-2023-48909

EUVD-2023-52937
An issue was discovered in Jave2 version 3.3.1, allows attackers to execute arbitrary code via the FFmpeg function.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA-ADPADP
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
Affected Products (NVD)
VendorProductVersion
aarboardjave2
3.3.1
𝑥
= Vulnerable software versions
References
https://gist.github.com/Dollhouse-18/288b4774bc296722c9e3c60bafa392bf
https://github.com/Dollhouse-18/jave-core-Command-execution-vulnerability
https://gist.github.com/Dollhouse-18/288b4774bc296722c9e3c60bafa392bf
https://github.com/Dollhouse-18/jave-core-Command-execution-vulnerability