First published: Wed Sep 27 2023(Updated: )
Deserialization of Untrusted Data in emlog pro v.2.1.15 and earlier allows a remote attacker to execute arbitrary code via the cache.php component.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Emlog Emlog | <=2.1.15 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2023-43291.
The severity of CVE-2023-43291 is critical with a CVSS score of 9.8.
The vulnerability CVE-2023-43291 occurs due to deserialization of untrusted data in emlog pro v.2.1.15 and earlier.
The impact of CVE-2023-43291 is that it allows a remote attacker to execute arbitrary code via the cache.php component.
To fix CVE-2023-43291, it is recommended to update emlog pro to version 2.1.16 or later.