← volver
CVE-2023-3308

whaleal IceFrog Aviator Template Engine deserialization

CVSS 5.5 MEDIUMEPSS 1.1%CWE-502
A vulnerability classified as problematic has been found in whaleal IceFrog 1.1.8. Affected is an unknown function of the component Aviator Template Engine. The manipulation leads to deserialization. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231804.
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Productos afectados
whaleal · IceFrog

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/NanKeXXX/selfVuln_poc/blob/main/whaleal%3Aicefrog/icefrog_1.1.8_RCE.mdhttps://vuldb.com/?ctiid.231804https://vuldb.com/?id.231804