CVE-2024-43425
Moodle: remote code execution via calculated question types
A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
moodlePoCs públicas encontradas — 6
githubgithub.com/RedTeamPentesting/moodle-rce-calculatedquestions★ 19githubgithub.com/Snizi/Moodle-CVE-2024-43425-Exploit★ 3githubgithub.com/kazuya256/Moodle-authenticated-RCE★ 2githubgithub.com/aninfosec/CVE-2024-43425-Poc★ 0githubgithub.com/Tnot123/cve-2024-43425★ 0exploitdbwww.exploit-db.com/exploits/52350no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →