cbcvebase.
CVE-2024-35236
published 2024-05-27

CVE-2024-35236: Audiobookshelf is a self-hosted audiobook and podcast server. Prior to version 2.10.0, opening an ebook with malicious scripts inside leads to code execution…

Priority: P4 (30)
CVSS 3.1: 4.8 (medium)
Vector: AV:N / AC:L / PR:H / UI:R / S:C / C:L / I:L / A:N
EPSS: 0.84% (53.2nd percentile)
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to version 2.10.0, opening an ebook with malicious scripts inside leads to code execution inside the browsing context. Attacking a user with high privileges (upload, creation of libraries) can lead to remote code execution (RCE) in the worst case. This was tested on version 2.9.0 on Windows, but an arbitrary file write is powerful enough as is and should easily lead to RCE on Linux, too. Version 2.10.0 contains a patch for the vulnerability.

Affected

3 ranges

Vendor | Product | Version range | Fixed in
advplyr | audiobookshelf | < 2.10.0 | 2.10.0
audiobookshelf | audiobookshelf | < 2.10.0 | 2.10.0
github.com | filebrowser_filebrowser_v2 | >= 0, < 2.62.2 | 2.62.2

CVSS provenance

Source | Version | Score | Severity | Vector
nvd | v3.1 | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
ghsa | | 4.8 | MEDIUM |
osv | | 4.8 | MEDIUM |