CVE-2023-47675: OS Command Injection
First published: Fri Nov 17 2023(Updated: )
CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cubecart Cubecart | <6.5.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this CubeCart vulnerability?
The vulnerability ID for this CubeCart vulnerability is CVE-2023-47675.
What is the severity level of CVE-2023-47675?
The severity level of CVE-2023-47675 is high with a CVSS score of 7.2.
What is the affected software version for CVE-2023-47675?
The affected software version for CVE-2023-47675 is CubeCart prior to version 6.5.3.
How does CVE-2023-47675 impact CubeCart?
CVE-2023-47675 allows a remote authenticated attacker with administrative privilege to execute arbitrary OS commands.
Are there any references or sources for CVE-2023-47675?
Yes, there are references available for CVE-2023-47675. You can check the links for more information: [Link 1](https://forums.cubecart.com/topic/58736-cubecart-653-released-security-update/) and [Link 2](https://jvn.jp/en/jp/JVN22220399/).
- collector/nvd-api
- agent/type
- agent/event
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/remedy
- agent/last-modified-date
- agent/severity
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/author
- agent/tags
- vendor/cubecart
- canonical/cubecart cubecart