CVE-2018-0569 — OS Command Injection in Basercms

CWE-78 — OS Command Injection3 documents3 sources

Severity

8.8HIGHNVD

EPSS

1.0%

top 22.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Basercms Baserproject Basercms Basercms Users Community Basercms

Timeline

PublishedJun 26

Latest updateMay 14

Description

baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to execute arbitrary OS commands via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

▶NVDbasercms/basercms3.0.0 — 3.0.15+1

▶Packagistbaserproject/basercms4.0.0 — 4.1.0.1+1

▶CVEListV5basercms_users_community/basercms(baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions)

🔴Vulnerability Details

OSV

OS Command Injection in baserCMS↗2022-05-14

▶

GHSA

OS Command Injection in baserCMS↗2022-05-14

▶