National Cyber Warfare Foundation (NCWF)

CVE-2023-45158 (web2py)
0 user ratings		2023-10-18 20:16:27
milo
CVEs
 - archive -- 
An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is configured to use notifySendHandler for logging (not the default configuration), a crafted web request may execute an arbitrary OS command on the web server using the product.

CVE-2023-45158 (web2py)
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45158
An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is configured to use notifySendHandler for logging (not the default configuration), a crafted web request may execute an arbitrary OS command on the web server using the product.
2023-10-16T08:15:09Z

Source: CVEAnnouncements
Source Link: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45158

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
CVEs


Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.