CVE-2023-41005

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 28, 2023
Updated: Aug 30, 2023

Summary

CVE-2023-41005 is a newly disclosed vulnerability affecting Pagekit version 1.0.18. This issue permits a remote attacker to execute arbitrary code through the downloadAction and updateAction functions located in UpdateController.php. An attacker can exploit this vulnerability by sending crafted requests to the affected system, leading to potential code execution and subsequent security breaches. System administrators are urged to update Pagekit to a patched version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share