GHSA-66M2-493M-CRH2
Vulnerability from github – Published: 2023-09-25 18:37 – Updated: 2024-10-09 22:52
Summary
Searchor CLI's Search vulnerable to Arbitrary Code using Eval
Details
An issue in Arjun Sharda's Searchor before version 2.4.2 allows an attacker to execute arbitrary code: the search feature of Searchor's CLI (Command Line Interface) builds a string from the user-supplied query and passes it to the eval() function in Searchor's src/searchor/main.py, so a crafted query that breaks out of the intended expression is evaluated as Python.
Impact
Versions 2.4.1 and below are affected.
Patches
Versions 2.4.2 and above contain the fix.
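The pattern the Details section describes, shown as an added example that is not Searchor's own source: a search function that builds a Python expression around the user's query and hands it to eval(), beside a hardened version that dispatches through an explicit allow-list and treats the query as data. The Engine class, its method names, the exact expression string and the PAYLOAD value are assumptions made for illustration; the payload follows the shape used by the public PoCs linked under References (close the string literal and the call, then comment out the tail with `#`).

```python
import urllib.parse


class Engine:
    """Stand-in search-engine registry (assumed shape, not Searchor's own)."""

    @staticmethod
    def google(query: str) -> str:
        return "https://www.google.com/search?q=" + query

    @staticmethod
    def duckduckgo(query: str) -> str:
        return "https://duckduckgo.com/?q=" + query


def search_vulnerable(engine: str, query: str) -> str:
    # Builds Python source out of user input and evaluates it. A query that
    # closes the string literal and the call, then comments out the rest with
    # '#', runs whatever expression the attacker placed in between: CWE-94
    # (code injection) reached through CWE-74 (injection into the source text).
    return eval(f"Engine.{engine}('{query}')")


def search_hardened(engine: str, query: str) -> str:
    # No source code is generated: the engine name is looked up in an
    # allow-list and the query is only ever data, URL-encoded before use.
    engines = {"google": Engine.google, "duckduckgo": Engine.duckduckgo}
    if engine not in engines:
        raise ValueError(f"unknown engine: {engine!r}")
    return engines[engine](urllib.parse.quote_plus(query))


# Constructed payload (assumption, not taken from the PoC repositories). A real
# attacker replaces the 'INJECTED' literal with an expression such as
# __import__('os').system('id'); the marker keeps the demo side-effect free.
PAYLOAD = "x') and 'INJECTED' #"


def demo() -> tuple:
    # Returns (what the vulnerable path yields, what the hardened path yields)
    # for the same payload: the injected expression's value versus a URL in
    # which every metacharacter of the payload has been percent-encoded.
    return search_vulnerable("google", PAYLOAD), search_hardened("google", PAYLOAD)


if __name__ == "__main__":
    vulnerable, hardened = demo()
    print("vulnerable:", vulnerable)   # the attacker's expression result, not a URL
    print("hardened:  ", hardened)     # URL with the payload safely encoded
```

The hardened form removes the code-generation step entirely rather than trying to sanitise quotes out of the query; an allow-list dictionary is also the cheapest thing to audit. On a machine that has the package installed, `pip show searchor` reports the version, which must be 2.4.2 or later.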
References
https://github.com/nikn0laty/Exploit-for-Searchor-2.4.0-Arbitrary-CMD-Injection
https://github.com/nexis-nexis/Searchor-2.4.0-POC-Exploit-
https://github.com/jonnyzar/POC-Searchor-2.4.2
https://github.com/ArjunSharda/Searchor/pull/130
Severity
9.8 (Critical)
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.4.1"
},
"package": {
"ecosystem": "PyPI",
"name": "searchor"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-43364"
],
"database_specific": {
"cwe_ids": [
"CWE-74",
"CWE-94"
],
"github_reviewed": true,
"github_reviewed_at": "2023-09-25T18:37:51Z",
"nvd_published_at": "2023-12-12T18:15:22Z",
"severity": "CRITICAL"
},
"details": " An issue in Arjun Sharda\u0027s Searchor before version v.2.4.2 allows an attacker to\n execute arbitrary code via a crafted script to the eval() function in Searchor\u0027s src/searchor/main.py file, affecting the search feature in Searchor\u0027s CLI (Command Line Interface).\n\n### Impact\nVersions equal to, or below 2.4.1 are affected.\n\n### Patches\nVersions above, or equal to 2.4.2 have patched the vulnerability.\n\n### References\nhttps://github.com/nikn0laty/Exploit-for-Searchor-2.4.0-Arbitrary-CMD-Injection\nhttps://github.com/nexis-nexis/Searchor-2.4.0-POC-Exploit-\nhttps://github.com/jonnyzar/POC-Searchor-2.4.2\nhttps://github.com/ArjunSharda/Searchor/pull/130",
"id": "GHSA-66m2-493m-crh2",
"modified": "2024-10-09T22:52:25Z",
"published": "2023-09-25T18:37:51Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ArjunSharda/Searchor/security/advisories/GHSA-66m2-493m-crh2"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43364"
},
{
"type": "WEB",
"url": "https://github.com/ArjunSharda/Searchor/pull/130"
},
{
"type": "WEB",
"url": "https://github.com/ArjunSharda/Searchor/commit/16016506f7bf92b0f21f51841d599126d6fcd15b"
},
{
"type": "PACKAGE",
"url": "https://github.com/ArjunSharda/Searchor"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-66m2-493m-crh2"
},
{
"type": "WEB",
"url": "https://github.com/nexis-nexis/Searchor-2.4.0-POC-Exploit-"
},
{
"type": "WEB",
"url": "https://github.com/nikn0laty/Exploit-for-Searchor-2.4.0-Arbitrary-CMD-Injection"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/searchor/PYSEC-2023-262.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Searchor CLI\u0027s Search vulnerable to Arbitrary Code using Eval"
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.