Shodan
Maps
Images
Monitor
Developer
More...
Dashboard
View Api Docs
Vulnerabilities
By Date
Known Exploited
Advanced Search
Vulnerable Software
Vendors
Products
Vulnerability Details CVE-2023-26126
All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function.
Exploit prediction scoring system (EPSS) score
EPSS Score
0.01
EPSS Ranking
58.2%
CVSS Severity
CVSS v3 Score
7.5
References
https://gist.github.com/lirantal/dcb32c11ce87f5aafd2282b90b4dc998
https://security.snyk.io/vuln/SNYK-JS-MSTATIC-3244915
https://gist.github.com/lirantal/dcb32c11ce87f5aafd2282b90b4dc998
https://security.snyk.io/vuln/SNYK-JS-MSTATIC-3244915
Products affected by CVE-2023-26126
M.static Project
»
M.static
»
Version:
1.1.0
cpe:2.3:a:m.static_project:m.static:1.1.0
M.static Project
»
M.static
»
Version:
1.2.0
cpe:2.3:a:m.static_project:m.static:1.2.0
M.static Project
»
M.static
»
Version:
1.3.0
cpe:2.3:a:m.static_project:m.static:1.3.0
M.static Project
»
M.static
»
Version:
2.0.0
cpe:2.3:a:m.static_project:m.static:2.0.0
M.static Project
»
M.static
»
Version:
2.0.1
cpe:2.3:a:m.static_project:m.static:2.0.1
M.static Project
»
M.static
»
Version:
2.1.0
cpe:2.3:a:m.static_project:m.static:2.1.0
M.static Project
»
M.static
»
Version:
2.2.0
cpe:2.3:a:m.static_project:m.static:2.2.0
Products
Monitor
Search Engine
Developer API
Maps
Bulk Data
Images
Snippets
Pricing
Membership
API Subscriptions
Enterprise
Contact Us
support@shodan.io
Shodan ® - All rights reserved