CVE-2023-43981

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 5, 2023

Updated: Oct 7, 2023

CWE ID 502

Summary

CVE-2023-43981 is a deserialization vulnerability affecting the Presto Changeo testsitecreator software up to version 1.1.1. An attacker can exploit this issue by manipulating the delete_excluded_folder.php component, potentially leading to arbitrary code execution and unauthorized system access. Successful exploitation could result in severe data breaches or complete system takeover. Users are advised to update to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/syX4lt
https://www.cve.org/CVERecord?id=CVE-2023-43981
https://nvd.nist.gov/vuln/detail/CVE-2023-43981

Back to Vulnerability Database

CVE-2023-43981

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations