9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
35.7%
fastbots is vulnerable to Remote Code Execution. The vulnerability is due to improper validation in the locator
function which allows an attacker to modify the locators.ini
file within the page.py
module. This issue can be exploited by an attacker to cause remote code execution.
github.com/advisories/GHSA-vccg-f4gp-45x9
github.com/ubertidavide/fastbots/commit/73eb03bd75365e112b39877e26ef52853f5e9f57
github.com/ubertidavide/fastbots/commit/cc96c41afbd0ecf0d69147e0f35c4e31839dc29b
github.com/ubertidavide/fastbots/pull/3#issue-2003080806
github.com/ubertidavide/fastbots/security/advisories/GHSA-vccg-f4gp-45x9
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
35.7%