CVE-2023-41149

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 6, 2023
Updated: Sep 8, 2023
CWE ID 78

Summary

CVE-2023-41149 is a newly discovered vulnerability affecting F-RevoCRM versions 7.3.7 and 7.3.8. It permits an attacker who gains access to the product to inject and execute arbitrary OS commands on the server hosting the software. Exploitation of this OS command injection vulnerability poses a significant risk to the security of the affected system: successful attacks could lead to data theft, unauthorized access, or even server compromise. Users of the affected versions are strongly recommended to upgrade to a secure, patched version as soon as possible to mitigate the risk.
