Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2013-0804

CWE-78 — OS Command Injection4 documents4 sources

Severity

10.0CRITICAL

EPSS

33.2%

top 3.10%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Novell Groupwise

Timeline

PublishedFeb 24

Latest updateMay 17

Description

The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference) via unspecified vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDnovell/groupwise6 versions+5

🔴Vulnerability Details

GHSA

GHSA-9478-6v8q-5f74: The client in Novell GroupWise 8↗2022-05-17

▶

CVEList

CVE-2013-0804: The client in Novell GroupWise 8↗2013-02-24

▶

💥Exploits & PoCs

Exploit-DB

Novell Groupwise Client 8.0 - Multiple Remote Code Execution Vulnerabilities↗2013-01-31

▶