CVE-2023-42428: Path Traversal
First published: Fri Nov 17 2023(Updated: )
Directory traversal vulnerability in CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to delete directories and files in the system.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cubecart Cubecart | <6.5.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this security issue in CubeCart?
The vulnerability ID for this security issue in CubeCart is CVE-2023-42428.
What is the severity level of CVE-2023-42428?
The severity level of CVE-2023-42428 is medium with a score of 6.5.
How does the directory traversal vulnerability in CubeCart allow an attacker to delete directories and files?
The directory traversal vulnerability in CubeCart allows a remote authenticated attacker with administrative privileges to delete directories and files in the system.
Which version of CubeCart is affected by this vulnerability?
CubeCart prior to version 6.5.3 is affected by this vulnerability.
How can I mitigate the CVE-2023-42428 vulnerability in CubeCart?
To mitigate the CVE-2023-42428 vulnerability in CubeCart, upgrade to version 6.5.3 or later.
- collector/mitre-cve
- collector/nvd-api
- agent/description
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- vendor/cubecart
- canonical/cubecart cubecart