CVE-2023-46575
published 2023-11-24CVE-2023-46575: A SQL injection vulnerability exists in Meshery prior to version v0.6.179, enabling a remote attacker to retrieve sensitive information and execute arbitrary…
PriorityP351critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.28%
66.3th percentile
A SQL injection vulnerability exists in Meshery prior to version v0.6.179, enabling a remote attacker to retrieve sensitive information and execute arbitrary code through the “order” parameter
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | layer5io_meshery | >= 0 < 0.6.179 | 0.6.179 |
| layer5 | meshery | < 0.6.179 | 0.6.179 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
SQL injection vulnerability in Meshery
osv·2023-11-24
CVE-2023-46575 [CRITICAL] SQL injection vulnerability in Meshery
SQL injection vulnerability in Meshery
A SQL injection vulnerability in Meshery before 0.6.179 allows a remote attacker to obtain sensitive information and execute arbitrary code via the order parameter.
GHSA
SQL injection vulnerability in Meshery
ghsa·2023-11-24
CVE-2023-46575 [CRITICAL] CWE-89 SQL injection vulnerability in Meshery
SQL injection vulnerability in Meshery
A SQL injection vulnerability in Meshery before 0.6.179 allows a remote attacker to obtain sensitive information and execute arbitrary code via the order parameter.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/meshery/meshery/commit/ffe00967acfe4444a5db08ff3a4cafb9adf6013fhttps://github.com/meshery/meshery/compare/v0.6.178...v0.6.179https://github.com/meshery/meshery/pull/9372https://meshery.iohttps://github.com/meshery/meshery/commit/ffe00967acfe4444a5db08ff3a4cafb9adf6013fhttps://github.com/meshery/meshery/compare/v0.6.178...v0.6.179https://github.com/meshery/meshery/pull/9372https://meshery.io
2023-11-24
Published