CVE-2023-6749

CVSS 3.1 Score 8.0 of 10 (high)

Details

Published Feb 18, 2024

Updated: Feb 20, 2024

CWE ID 121

Summary

CVE-2023-6749 is a newly identified vulnerability that affects settings shells with insufficient input validation. Maliciously crafted user input with an unchecked length can lead to command injection, potentially granting attackers unauthorized access or system control. This issue poses a significant risk, particularly in environments where user input is trusted, requiring immediate attention and patching to mitigate potential harm.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tyMqZS
https://www.cve.org/CVERecord?id=CVE-2023-6749
https://nvd.nist.gov/vuln/detail/CVE-2023-6749

Back to Vulnerability Database

CVE-2023-6749

CVSS 3.1 Score 8.0 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations