CVE-2023-43234

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 27, 2023

Updated: Sep 29, 2023

Summary

CVE-2023-43234 is a newly disclosed vulnerability affecting DedeBIZ version 6.2.11. The issue lies in the /admin/file_manage_control.php file, which contains multiple remote code execution (RCE) vulnerabilities. Hackers can exploit these flaws by manipulating the $activepath and $filename parameters to execute malicious code remotely. This vulnerability poses a significant risk to systems running the affected software and requires immediate patching to prevent potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/suM4w0
https://www.cve.org/CVERecord?id=CVE-2023-43234
https://nvd.nist.gov/vuln/detail/CVE-2023-43234

Back to Vulnerability Database

CVE-2023-43234

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations