CVSS 3.1 Score 9.8 of 10 (high)


Published Nov 28, 2023
Updated: Dec 4, 2023
CWE ID 178


CVE-2023-3545 is a critical vulnerability affecting Chamilo LMS <= v1.11.20 on Windows and Apache installations. The vulnerability allows unauthenticated attackers to bypass file upload security measures and execute remote code by uploading a `.htaccess` file. This vulnerability poses a high risk to organizations as it can be exploited by privileged attackers or combined with other file write vulnerabilities to achieve remote code execution. The base severity score is 9.8 out of 10, indicating its critical nature. To remediate this vulnerability, affected organizations should update their Chamilo LMS installation to a version that addresses this issue.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-3545 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options