CVE-2023-3852

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jul 23, 2023

Updated: May 17, 2024

CWE ID 444

CWE ID 86

Summary

CVE-2023-3852 is a critical vulnerability affecting OpenRapid RapidCMS versions up to 1.3.1. This issue lies within the /admin/upload.php file, allowing for unrestricted file uploads via manipulation of an argument. The exploit can be initiated remotely, and the public disclosure of the exploit increases the risk of attack. The patch to resolve this vulnerability is identified as 4dff387283060961c362d50105ff8da8ea40bcbe, and it is strongly advised to apply it promptly. The identifier for this vulnerability is VDB-235204.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Apache Software Foundation Traffic Server
Apache Traffic Server

Affected Vendors

Apache Software Foundation

Advisories, Assessments, and Mitigations

Back to Vulnerability Database