CVE-2023-1877

moderate-risk
Published 2023-04-05

Command Injection in GitHub repository microweber/microweber prior to 1.3.3.

Do I need to act?

~
4.7% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
+
Fix available
Upgrade to: 64aee08e8b54c496bda13fbbbe354bd02f95b2cf
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Microweber

References (4)

Patch https://github.com/microweber/microweber/commit/93a906d0bf096c3ab1674012a90c88d1...
Exploit https://huntr.dev/bounties/71fe4b3b-20ac-448c-8191-7b99d7ffaf55
Patch https://github.com/microweber/microweber/commit/93a906d0bf096c3ab1674012a90c88d1...
Exploit https://huntr.dev/bounties/71fe4b3b-20ac-448c-8191-7b99d7ffaf55
45
/ 100
moderate-risk
Severity 32/34 · Critical
Exploitability 8/34 · Low
Exposure 5/34 · Minimal