CVE-2023-28170

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Dec 20, 2023

Updated: Dec 27, 2023

CWE ID 434

Summary

CVE-2023-28170 is a newly identified vulnerability affecting Themely Theme Demo Import. The issue involves an Unrestricted File Upload vulnerability where dangerous file types can be uploaded without restriction. This weakness can lead to arbitrary code execution and potential compromise of affected systems. The vulnerability exists in versions of Themely Theme Demo Import from n/a through 1.1.1, making it critical for users to apply the necessary patches as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sT-BJ9
https://www.cve.org/CVERecord?id=CVE-2023-28170
https://nvd.nist.gov/vuln/detail/CVE-2023-28170

Back to Vulnerability Database

CVE-2023-28170

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations