Vulnerability Details CVE-2021-29493
Kennnyshiwa-cogs contains cogs for Red Discordbot. An RCE exploit has been found in the Tickets module of kennnyshiwa-cogs. This exploit allows discord users to craft a message that can reveal sensitive and harmful information. Users can upgrade to version 5a84d60018468e5c0346f7ee74b2b4650a6dade7 to receive a patch or, as a workaround, unload tickets to render the exploit unusable.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.2%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 6.5
References
- https://github.com/kennnyshiwa/kennnyshiwa-cogs/commit/5a84d60018468e5c0346f7ee74b2b4650a6dade7
- https://github.com/kennnyshiwa/kennnyshiwa-cogs/security/advisories/GHSA-f4j2-2cwr-h473
- https://github.com/kennnyshiwa/kennnyshiwa-cogs/commit/5a84d60018468e5c0346f7ee74b2b4650a6dade7
- https://github.com/kennnyshiwa/kennnyshiwa-cogs/security/advisories/GHSA-f4j2-2cwr-h473
Products affected by CVE-2021-29493
-
cpe:2.3:a:kennnyshiwa-cogs_project:kennnyshiwa-cogs:-