CVE-2023-41149
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-41149 is a newly discovered vulnerability affecting F-RevoCRM versions 7.3.7 and 7.3.8. This issue permits an attacker, who gains access to the product, to inject and execute arbitrary OS commands on the server hosting the software. The exploitation of this OS command injection vulnerability poses a significant risk to the security of the affected system. Successful attacks could lead to data theft, unauthorized access, or even server compromise. It is strongly recommended that users of these affected versions upgrade to a secure and patched version as soon as possible to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.