CVE-2023-44092

CVSS 3.1 Score 7.6 of 10 (high)

Details

Published Mar 19, 2024
Updated: Mar 20, 2024
CWE ID 78

Summary

CVE-2023-44092 is a critical OS Command Injection vulnerability affecting Pandora FMS versions 700 through 776. This issue arises from improper neutralization of special elements in OS commands, enabling attackers to inject and execute malicious commands on the targeted system. The consequence of this vulnerability is a severe security risk, allowing unauthorized access and potential system compromise. An attacker can create a reverse shell to gain remote access and control over the affected system.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share