CVSS 3.1 Score 9.8 of 10 (high)


Published Sep 27, 2023
Updated: Sep 28, 2023


CVE-2023-43187 is a remote code execution vulnerability found in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to version 1.18.6. This vulnerability allows attackers to execute arbitrary code by sending crafted XML-RPC requests. It affects multiple products, including Z6HhDY, Z6HhDZ, Z6HhDa, and many others. To remediate this vulnerability, it is recommended to update the NodeBB forum software to version 1.18.6 or later. The potential danger of this vulnerability is high, as it allows unauthorized individuals to execute arbitrary code on the affected systems, compromising their integrity and confidentiality. The CVSS score for this vulnerability is 9.8 out of 10, indicating a critical severity level.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-43187 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options