Lucene search
HistoryAug 17, 2023 - 7:15 p.m.
CVE-2023-26469
jorani
1.0.0
path traversal
vulnerability
file access
code execution
nvd
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.4 High
AI Score
Confidence
High
0.932 High
EPSS
Percentile
99.1%
In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server.
Affected configurations
Node
joranijoraniMatch1.0.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| jorani:jorani | jorani | eq | 1.0.0 |
Related
cvelist
cvelist
CVE-2023-26469
2023-08-17 00:00:00
githubexploit
githubexploit
Exploit for Path Traversal in Jorani
2023-09-01 09:41:32
prion
prion
Path traversal
2023-08-17 19:15:00
packetstorm
packetstorm
Jorani Remote Code Execution
2023-08-21 00:00:00
nvd
nvd
CVE-2023-26469
2023-08-17 19:15:12
zdt
zdt
Jorani Remote Code Execution Exploit
2023-08-21 00:00:00
osv
osv
CVE-2023-26469
2023-08-17 19:15:12
nuclei
nuclei
Jorani 1.0.0 - Remote Code Execution
2023-08-30 17:31:52
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up
2023-08-25 21:26:11
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.4 High
AI Score
Confidence
High
0.932 High
EPSS
Percentile
99.1%
Related for CVE-2023-26469