CVE-2023-47246
In short
SysAid On-Premise versions before 23.3.36 allow attackers to write files anywhere on the server by manipulating file paths, which can lead to executing malicious code on the affected system.
Technical detail
A path traversal vulnerability (CWE-22) in SysAid On-Premise before 23.3.36 permits unauthenticated attackers to bypass directory restrictions and write arbitrary files to the Tomcat webroot, enabling remote code execution. This vulnerability was actively exploited in the wild during November 2023.
Summary generated and translated by AI from the official description.
In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
Public PoCs found: 2
github.com/W01fh4cker/CVE-2023-47246-EXP (GitHub, ★ 52)
github.com/rainbowhatrkn/CVE-2023-47246 (GitHub, ★ 0)
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
https://documentation.sysaid.com/docs/latest-version-installation-files
https://documentation.sysaid.com/docs/on-premise-security-enhancements-2023
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-47246
https://www.sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification