CVE-2023-7098

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Dec 25, 2023
Updated: Aug 2, 2024
CWE ID 24

Summary

CVE-2023-7498: A high-severity path traversal vulnerability was discovered in icret EasyImages 2.8.3. This issue lies within the 'hide.php' file's unsupported code. An attacker can exploit this flaw by manipulating the argument key, leading to a '../filedir' traversal. The exploit can be initiated remotely, but the complexity and difficulty of an attack are relatively high. Notably, the exploit for this vulnerability has been made public. It is important to note that this vulnerability only impacts products no longer supported by the maintainer.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share