Vulnerability Description
Discord-Recon is a Discord bot created to automate bug bounty recon, automated scans and information gathering via a discord server. Discord-Recon is vulnerable to remote code execution. An attacker is able to execute shell commands in the server without having an admin role. This vulnerability has been fixed in version 0.0.8.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Demon1A | Discord-Recon | < 0.0.8 |
Related Weaknesses (CWE)
References
- https://github.com/DEMON1A/Discord-Recon/commit/f9cb0f67177f5e2f1022295ca8e641e4Patch
- https://github.com/DEMON1A/Discord-Recon/issues/23ExploitIssue TrackingThird Party Advisory
- https://github.com/DEMON1A/Discord-Recon/security/advisories/GHSA-fjcj-g7x8-4rp7ExploitPatchVendor Advisory
- https://github.com/DEMON1A/Discord-Recon/commit/f9cb0f67177f5e2f1022295ca8e641e4Patch
- https://github.com/DEMON1A/Discord-Recon/issues/23ExploitIssue TrackingThird Party Advisory
- https://github.com/DEMON1A/Discord-Recon/security/advisories/GHSA-fjcj-g7x8-4rp7ExploitPatchVendor Advisory
FAQ
What is CVE-2024-21663?
CVE-2024-21663 is a vulnerability with a CVSS score of 9.9 (CRITICAL). Discord-Recon is a Discord bot created to automate bug bounty recon, automated scans and information gathering via a discord server. Discord-Recon is vulnerable to remote code execution. An attacker i...
How severe is CVE-2024-21663?
CVE-2024-21663 has been rated CRITICAL with a CVSS base score of 9.9/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2024-21663?
Check the references section above for vendor advisories and patch information. Affected products include: Demon1A Discord-Recon.