CVE-2023-39448

Summary

Path traversal vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to alter or create arbitrary files on the server, resulting in arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
SHIRASAGI ProjectSHIRASAGIprior to v1.18.0affected

Weaknesses

  • Path traversal

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References