Vulnerability Details CVE-2023-54335
eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login without a password by manipulating the login request. Attackers can exploit this flaw to upload malicious PHP files and execute remote commands on the vulnerable file management system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.3%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2023-54335
-
cpe:2.3:a:extplorer:extplorer:-
-
cpe:2.3:a:extplorer:extplorer:1.0.0
-
cpe:2.3:a:extplorer:extplorer:2.0.0
-
cpe:2.3:a:extplorer:extplorer:2.1.0
-
cpe:2.3:a:extplorer:extplorer:2.1.1
-
cpe:2.3:a:extplorer:extplorer:2.1.10
-
cpe:2.3:a:extplorer:extplorer:2.1.11
-
cpe:2.3:a:extplorer:extplorer:2.1.12
-
cpe:2.3:a:extplorer:extplorer:2.1.13
-
cpe:2.3:a:extplorer:extplorer:2.1.14
-
cpe:2.3:a:extplorer:extplorer:2.1.2
-
cpe:2.3:a:extplorer:extplorer:2.1.3
-
cpe:2.3:a:extplorer:extplorer:2.1.4
-
cpe:2.3:a:extplorer:extplorer:2.1.5
-
cpe:2.3:a:extplorer:extplorer:2.1.6
-
cpe:2.3:a:extplorer:extplorer:2.1.7
-
cpe:2.3:a:extplorer:extplorer:2.1.8
-
cpe:2.3:a:extplorer:extplorer:2.1.9