National Cyber Warfare Foundation (NCWF) Forums


CVE-2023-2621
0 user ratings		2023-11-01 05:10:26
milo
CVEs
 - archive -- 
The McFeeder server (distributed as part of SSW package), is susceptible to an arbitrary file write vulnerability on the MAIN computer
system. This vulnerability stems from the use of an outdated version of a third-party library, which is used to extract archives uploaded to McFeeder server. An authenticated malicious client can
exploit this vulnerability by uploading a crafted ZIP archive via the
network to McFeeder’s service endpoint.

CVE-2023-2621
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2621
The McFeeder server (distributed as part of SSW package), is susceptible to an arbitrary file write vulnerability on the MAIN computer
system. This vulnerability stems from the use of an outdated version of a third-party library, which is used to extract archives uploaded to McFeeder server. An authenticated malicious client can
exploit this vulnerability by uploading a crafted ZIP archive via the
network to McFeeder’s service endpoint.
2023-11-01T03:15:07Z

Source: CVEAnnouncements
Source Link: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2621

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
CVEs


Copyright 2012 through 2024 - National Cyber Warfare Foundation - All rights reserved worldwide.