CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
90.2%
SABnzbd is an open source automated Usenet download tool. A design flaw was
discovered in SABnzbd that could allow remote code execution. Manipulating
the Parameters setting in the Notification Script functionality allows code
execution with the privileges of the SABnzbd process. Exploiting the
vulnerabilities requires access to the web interface. Remote exploitation
is possible if users[exposed their setup to the internet or other untrusted
networks without setting a username/password. By default SABnzbd is only
accessible from localhost
, with no authentication required for the web
interface. This issue has been patched in commits e3a722
and 422b4f
which have been included in the 4.0.2 release. Users are advised to
upgrade. Users unable to upgrade should ensure that a username and password
have been set if their instance is web accessible.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | sabnzbdplus | < any | UNKNOWN |
ubuntu | 20.04 | noarch | sabnzbdplus | < any | UNKNOWN |
ubuntu | 22.04 | noarch | sabnzbdplus | < any | UNKNOWN |
ubuntu | 24.04 | noarch | sabnzbdplus | < any | UNKNOWN |
ubuntu | 16.04 | noarch | sabnzbdplus | < any | UNKNOWN |
github.com/sabnzbd/sabnzbd/commit/422b4fce7bfd56e95a315be0400cdfdc585df7cc
github.com/sabnzbd/sabnzbd/commit/e3a722664819d1c7c8fab97144cc299b1c18b429
github.com/sabnzbd/sabnzbd/security/advisories/GHSA-hhgh-xgh3-985r
launchpad.net/bugs/cve/CVE-2023-34237
nvd.nist.gov/vuln/detail/CVE-2023-34237
sabnzbd.org/wiki/configuration/4.0/general
security-tracker.debian.org/tracker/CVE-2023-34237
www.cve.org/CVERecord?id=CVE-2023-34237