1. Home
  2. CVE Database
  3. CVE-2023-29657
HIGH · 8.8

CVE-2023-29657

eXtplorer 2.1.15 is vulnerable to Insecure Permissions. File upload in file manager allows uploading zip file containing php pages with arbitrary code executions.

Vulnerability Description

eXtplorer 2.1.15 is vulnerable to Insecure Permissions. File upload in file manager allows uploading zip file containing php pages with arbitrary code executions.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
ExtplorerExtplorer2.1.15

Related Weaknesses (CWE)

CWE-434

References

FAQ

What is CVE-2023-29657?

CVE-2023-29657 is a vulnerability with a CVSS score of 8.8 (HIGH). eXtplorer 2.1.15 is vulnerable to Insecure Permissions. File upload in file manager allows uploading zip file containing php pages with arbitrary code executions.

How severe is CVE-2023-29657?

CVE-2023-29657 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-29657?

Check the references section above for vendor advisories and patch information. Affected products include: Extplorer Extplorer.