Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:13 a.m.7 views

CVE-2024-53992

unzip-bot is a Telegram bot to extract various types of archives. Users could exploit unsanitized inputs to inject malicious commands that are executed through subprocess.Popen with shell=True. Attackers can exploit this vulnerability using a crafted archive name, password, or video name. This...

8.8CVSS6.9AI score0.00451EPSS
Exploits0References1
NVD
NVD
added 2024/12/02 5:15 p.m.11 views

CVE-2024-53992

unzip-bot is a Telegram bot to extract various types of archives. Users could exploit unsanitized inputs to inject malicious commands that are executed through subprocess.Popen with shell=True. Attackers can exploit this vulnerability using a crafted archive name, password, or video name. This...

8.8CVSS0.00451EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/02 5:3 p.m.18 views

CVE-2024-53992 unzip-bot Allows Remote Code Execution (RCE) via archive extraction, password prompt, or video upload

unzip-bot is a Telegram bot to extract various types of archives. Users could exploit unsanitized inputs to inject malicious commands that are executed through subprocess.Popen with shell=True. Attackers can exploit this vulnerability using a crafted archive name, password, or video name. This...

8.8CVSS0.00451EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/02 5:3 p.m.9 views

CVE-2024-53992 unzip-bot Allows Remote Code Execution (RCE) via archive extraction, password prompt, or video upload

unzip-bot is a Telegram bot to extract various types of archives. Users could exploit unsanitized inputs to inject malicious commands that are executed through subprocess.Popen with shell=True. Attackers can exploit this vulnerability using a crafted archive name, password, or video name. This...

8.8CVSS6.8AI score0.00451EPSS
Exploits0References2
Rows per page
Query Builder