CVE-2023-36255
published 2023-08-03

Priority: P2 · 76 · high
CVSS 3.1 base score: 8.8
CVSS 3.1 vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Flags: EXPLOIT
EPSS: 57.36% (99.0th percentile)
An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL.

Affected (1 range)

Vendor    Product    Version range    Fixed in
eramba    eramba     (not listed)     (not listed)

Detection & IOCs (extracted from sources)

URL: /download-test-pdf
  • Monitor HTTP requests targeting the 'download-test-pdf' endpoint with suspicious or path-traversal values in the 'path' parameter, which is the injection point for arbitrary command execution.
  • Alert on remote code execution attempts against Eramba versions up to and including 3.19.1 via the URL path parameter.
  • Exploitation requires the attacker to be authenticated AND Eramba debug mode to be enabled. Disabling debug mode mitigates exploitation even on vulnerable versions.