Vulnerability Details CVE-2024-21663
Discord-Recon is a Discord bot created to automate bug bounty recon, automated scans and information gathering via a discord server. Discord-Recon is vulnerable to remote code execution. An attacker is able to execute shell commands in the server without having an admin role. This vulnerability has been fixed in version 0.0.8.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 79.2%
CVSS Severity
CVSS v3 Score 9.9
References
- https://github.com/DEMON1A/Discord-Recon/commit/f9cb0f67177f5e2f1022295ca8e641e47837ec7a
- https://github.com/DEMON1A/Discord-Recon/issues/23
- https://github.com/DEMON1A/Discord-Recon/security/advisories/GHSA-fjcj-g7x8-4rp7
- https://github.com/DEMON1A/Discord-Recon/commit/f9cb0f67177f5e2f1022295ca8e641e47837ec7a
- https://github.com/DEMON1A/Discord-Recon/issues/23
- https://github.com/DEMON1A/Discord-Recon/security/advisories/GHSA-fjcj-g7x8-4rp7
Products affected by CVE-2024-21663
-
cpe:2.3:a:demon1a:discord-recon:0.0.1
-
cpe:2.3:a:demon1a:discord-recon:0.0.2
-
cpe:2.3:a:demon1a:discord-recon:0.0.3
-
cpe:2.3:a:demon1a:discord-recon:0.0.4
-
cpe:2.3:a:demon1a:discord-recon:0.0.5
-
cpe:2.3:a:demon1a:discord-recon:0.0.6
-
cpe:2.3:a:demon1a:discord-recon:0.0.8