Vulnerability Details CVE-2023-53959
FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve remote code execution when the application launches.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.0%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2023-53959
-
cpe:2.3:a:filezilla-project:filezilla_client:3.63.1