Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:2 a.m.10 views

CVE-2023-33294

An issue was discovered in KaiOS 3.0 before 3.1. The /system/bin/tctwebserver binary exposes a local web server that responds to GET and POST requests on port 2929. The server accepts arbitrary Bash commands and executes them as root. Because it is not permission or context restricted and returns...

9.8CVSS7AI score0.00932EPSS
Exploits1References1
Circl
Circl
added 2023/05/22 8:25 p.m.5 views

CVE-2023-33294

creationtimestamp| type| source ---|---|--- 2023-05-22 20:25:32+00:00| seen| https://t.me/cibsecurity/64546...

9.8CVSS8.7AI score0.00932EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/05/22 12:0 a.m.11 views

CVE-2023-33294

An issue was discovered in KaiOS 3.0 before 3.1. The /system/bin/tctwebserver binary exposes a local web server that responds to GET and POST requests on port 2929. The server accepts arbitrary Bash commands and executes them as root. Because it is not permission or context restricted and returns...

9.2AI score0.00932EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/05/22 12:0 a.m.30 views

CVE-2023-33294

An issue was discovered in KaiOS 3.0 before 3.1. The /system/bin/tctwebserver binary exposes a local web server that responds to GET and POST requests on port 2929. The server accepts arbitrary Bash commands and executes them as root. Because it is not permission or context restricted and returns...

9.4AI score0.00932EPSS
Exploits1References1
CVE
CVE
added 2023/05/22 12:0 a.m.57 views

CVE-2023-33294

KaiOS 3.0 before 3.1 is affected by CVE-2023-33294 due to the /system/bin/tctweb_server local web server listening on port 2929 that accepts arbitrary Bash commands and runs them as root. The server is not permission/context restricted and returns CORS headers, making it reachable from any websit...

9.8CVSS9AI score0.00932EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder