CVE-2023-7098
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Published Dec 25, 2023
Updated: Aug 2, 2024
CWE ID 24
Summary
CVE-2023-7498: A high-severity path traversal vulnerability was discovered in icret EasyImages 2.8.3. This issue lies within the 'hide.php' file's unsupported code. An attacker can exploit this flaw by manipulating the argument key, leading to a '../filedir' traversal. The exploit can be initiated remotely, but the complexity and difficulty of an attack are relatively high. Notably, the exploit for this vulnerability has been made public. It is important to note that this vulnerability only impacts products no longer supported by the maintainer.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share