CVE-2023-41892
Description
Craft CMS is a platform for creating digital experiences. This is a high-impact, low-complexity attack vector. Users running Craft installations before 4.4.15 are encouraged to update to at least that version to mitigate the issue. This issue has been fixed in Craft CMS 4.4.15.
NVD
Severity: CRITICAL
CVE ID: CVE-2023-41892
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
GitHub, Inc.
Severity: CRITICAL
CVE ID: CVE-2023-41892
CVSS Score: 10.0
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
Proof Of Concept
Nuclei Templates for CVE-2023-41892
Refrence: Project Discovery GitHub
zaenhaxor
CVE-2023-41892 - Craft CMS Remote Code Execution (RCE)
Refrence: GitHub
Faelian
Exploit for CVE-2023-41892
Refrence: GitHub
diegaccio
CVE-2023-41892 Reverse Shell
Refrence: GitHub
acesoyeo
A Craft CMS vulnerability that allows Remote Code Execution (RCE).
Refrence: GitHub