CVE-2023-33831

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 18, 2023

Updated: Sep 19, 2023

CWE ID 77

Summary

CVE-2023-33831 is a remote command execution (RCE) vulnerability affecting the /api/runscript endpoint of FUXA version 1.1.13. An attacker can exploit this flaw by sending a maliciously crafted POST request to execute arbitrary commands on the targeted system, posing a significant security risk. Successful exploitation could lead to unauthorized system access, data theft, or even complete system takeover. Users are urged to update their FUXA installation as soon as possible to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sjUI3W
https://www.cve.org/CVERecord?id=CVE-2023-33831
https://nvd.nist.gov/vuln/detail/CVE-2023-33831

Back to Vulnerability Database

CVE-2023-33831

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations