← voltar
CVE-2024-58278

IndigoSTAR Software - perl2exe <= V30.10C - Arbitrary Code Execution

CVSS 8.5 HIGHEPSS 0.2%CWE-78
perl2exe <= V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts. Attackers can control the 0th argument of packed executables to execute another executable, allowing them to bypass restrictions and gain unauthorized access.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
IndigoSTAR Software · perl2exe

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.exploit-db.com/exploits/51825https://www.indigostar.com/https://www.indigostar.com/download/p2x-30.10-Linux-x64-5.30.1.tar.gzhttps://www.vulncheck.com/advisories/indigostar-software-perl2exe-v3010c-arbitrary-code-execution