SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Script functionality allows code execution with the privileges of the SABnzbd process. Exploiting the...
9.8CVSS
10AI Score
0.022EPSS
SABnzbd is an open source binary newsreader. A vulnerability was discovered in SABnzbd that could trick the filesystem.renamer() function into writing downloaded files outside the configured Download Folder via malicious PAR2 files. A patch was released as part of SABnzbd 3.2.1RC1. As a...
5.3CVSS
5.2AI Score
0.001EPSS
SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in the web configuration interface that permits an authenticated user to execute arbitrary Python commands on the underlying operating...
8.8CVSS
9AI Score
0.003EPSS