Lucene search
K

5 matches found

NVD
NVD
added 2023/03/27 9:15 p.m.38 views

CVE-2023-28627

pymedusa is an automatic video library manager for TV Shows. In versions prior 1.0.12 an attacker with access to the web interface can update the git executable path in /config/general/ advanced settings with arbitrary OS commands. An attacker may exploit this vulnerability to take execute...

8.8CVSS8.7AI score0.00815EPSS
Exploits1References2
CVE
CVE
added 2023/03/27 8:13 p.m.42 views

CVE-2023-28627

CVE-2023-28627 affects pymedusa prior to 1.0.12. An attacker with access to the web interface can update the git executable path in /config/general/ > advanced settings, leading to arbitrary OS command execution as the pymedusa user. The vulnerability arises from allowing modification of the g...

8.8CVSS8.9AI score0.00815EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/27 8:13 p.m.5 views

CVE-2023-28627 OS Command Injection via GIT_PATH in pymedusa

pymedusa is an automatic video library manager for TV Shows. In versions prior 1.0.12 an attacker with access to the web interface can update the git executable path in /config/general/ advanced settings with arbitrary OS commands. An attacker may exploit this vulnerability to take execute...

8.3CVSS9AI score0.00815EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/03/27 8:13 p.m.24 views

CVE-2023-28627 OS Command Injection via GIT_PATH in pymedusa

pymedusa is an automatic video library manager for TV Shows. In versions prior 1.0.12 an attacker with access to the web interface can update the git executable path in /config/general/ advanced settings with arbitrary OS commands. An attacker may exploit this vulnerability to take execute...

8.3CVSS9.2AI score0.00815EPSS
Exploits1References2
OSV
OSV
added 2023/03/27 8:13 p.m.23 views

CVE-2023-28627 OS Command Injection via GIT_PATH in pymedusa

pymedusa is an automatic video library manager for TV Shows. In versions prior 1.0.12 an attacker with access to the web interface can update the git executable path in /config/general/ advanced settings with arbitrary OS commands. An attacker may exploit this vulnerability to take execute...

8.3CVSS8.8AI score0.00815EPSS
Exploits1References4
Rows per page
Query Builder