CVE-2023-34207 (GCVE-0-2023-34207)
Vulnerability from cvelistv5 – Published: 2023-10-17 03:35 – Updated: 2024-09-13 19:52
VLAI?
Summary
Unrestricted upload of file with dangerous type vulnerability in create template function in EasyUse MailHunter Ultimate 2023 and earlier allows remote authenticated users to perform arbitrary system commands with ‘NT Authority\SYSTEM‘ privilege via a crafted ZIP archive.
Severity ?
9.9 (Critical)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| EasyUse Digital Technology | MailHunter Ultimate |
Affected:
0 , ≤ 2023
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:54.241Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://zuso.ai/Advisory/ZA-2023-04"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34207",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T19:52:06.578416Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T19:52:42.498Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "MailHunter Ultimate",
"vendor": "EasyUse Digital Technology",
"versions": [
{
"lessThanOrEqual": "2023",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-10-17T04:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unrestricted upload of file with dangerous type vulnerability in create template function in EasyUse MailHunter Ultimate 2023 and earlier allows remote authenticated users to perform arbitrary system commands with \u2018NT Authority\\SYSTEM\u2018 privilege via a crafted ZIP archive."
}
],
"value": "Unrestricted upload of file with dangerous type vulnerability in create template function in EasyUse MailHunter Ultimate 2023 and earlier allows remote authenticated users to perform arbitrary system commands with \u2018NT Authority\\SYSTEM\u2018 privilege via a crafted ZIP archive."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T03:35:35.535Z",
"orgId": "256c161b-b921-402b-8c3b-c6c9c14d5d88",
"shortName": "ZUSO ART"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://zuso.ai/Advisory/ZA-2023-04"
}
],
"source": {
"defect": [
"ZA-2023-04"
],
"discovery": "EXTERNAL"
},
"title": "Unrestricted Upload of File with Dangerous Type in EasyUse MailHunter Ultimate",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "256c161b-b921-402b-8c3b-c6c9c14d5d88",
"assignerShortName": "ZUSO ART",
"cveId": "CVE-2023-34207",
"datePublished": "2023-10-17T03:35:35.535Z",
"dateReserved": "2023-05-30T09:41:32.477Z",
"dateUpdated": "2024-09-13T19:52:42.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:easyuse:mailhunter_ultimate:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2023\", \"matchCriteriaId\": \"94D027C5-7AB4-4652-A7E8-4F979194ED01\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Unrestricted upload of file with dangerous type vulnerability in create template function in EasyUse MailHunter Ultimate 2023 and earlier allows remote authenticated users to perform arbitrary system commands with \\u2018NT Authority\\\\SYSTEM\\u2018 privilege via a crafted ZIP archive.\"}, {\"lang\": \"es\", \"value\": \"La carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en la funci\\u00f3n de creaci\\u00f3n de plantillas en EasyUse MailHunter Ultimate 2023 y versiones anteriores permite a usuarios remotos autenticados realizar comandos arbitrarios del sistema con el privilegio \u0027NT Authority\\\\SYSTEM\u0027 a trav\\u00e9s de un archivo ZIP manipulado.\"}]",
"id": "CVE-2023-34207",
"lastModified": "2024-11-21T08:06:46.183",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"ART@zuso.ai\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 9.9, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.1, \"impactScore\": 6.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
"published": "2023-10-17T04:15:11.937",
"references": "[{\"url\": \"https://zuso.ai/Advisory/ZA-2023-04\", \"source\": \"ART@zuso.ai\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://zuso.ai/Advisory/ZA-2023-04\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "ART@zuso.ai",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"ART@zuso.ai\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-434\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-434\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-34207\",\"sourceIdentifier\":\"ART@zuso.ai\",\"published\":\"2023-10-17T04:15:11.937\",\"lastModified\":\"2024-11-21T08:06:46.183\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unrestricted upload of file with dangerous type vulnerability in create template function in EasyUse MailHunter Ultimate 2023 and earlier allows remote authenticated users to perform arbitrary system commands with \u2018NT Authority\\\\SYSTEM\u2018 privilege via a crafted ZIP archive.\"},{\"lang\":\"es\",\"value\":\"La carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en la funci\u00f3n de creaci\u00f3n de plantillas en EasyUse MailHunter Ultimate 2023 y versiones anteriores permite a usuarios remotos autenticados realizar comandos arbitrarios del sistema con el privilegio \u0027NT Authority\\\\SYSTEM\u0027 a trav\u00e9s de un archivo ZIP manipulado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ART@zuso.ai\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":9.9,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.1,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"ART@zuso.ai\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-434\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-434\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:easyuse:mailhunter_ultimate:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2023\",\"matchCriteriaId\":\"94D027C5-7AB4-4652-A7E8-4F979194ED01\"}]}]}],\"references\":[{\"url\":\"https://zuso.ai/Advisory/ZA-2023-04\",\"source\":\"ART@zuso.ai\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://zuso.ai/Advisory/ZA-2023-04\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://zuso.ai/Advisory/ZA-2023-04\", \"tags\": [\"third-party-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T16:01:54.241Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-34207\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-13T19:52:06.578416Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-13T19:52:22.620Z\"}}], \"cna\": {\"title\": \"Unrestricted Upload of File with Dangerous Type in EasyUse MailHunter Ultimate\", \"source\": {\"defect\": [\"ZA-2023-04\"], \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 9.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"EasyUse Digital Technology\", \"product\": \"MailHunter Ultimate\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2023\"}], \"defaultStatus\": \"affected\"}], \"datePublic\": \"2023-10-17T04:00:00.000Z\", \"references\": [{\"url\": \"https://zuso.ai/Advisory/ZA-2023-04\", \"tags\": [\"third-party-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Unrestricted upload of file with dangerous type vulnerability in create template function in EasyUse MailHunter Ultimate 2023 and earlier allows remote authenticated users to perform arbitrary system commands with \\u2018NT Authority\\\\SYSTEM\\u2018 privilege via a crafted ZIP archive.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Unrestricted upload of file with dangerous type vulnerability in create template function in EasyUse MailHunter Ultimate 2023 and earlier allows remote authenticated users to perform arbitrary system commands with \\u2018NT Authority\\\\SYSTEM\\u2018 privilege via a crafted ZIP archive.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-434\", \"description\": \"CWE-434 Unrestricted Upload of File with Dangerous Type\"}]}], \"providerMetadata\": {\"orgId\": \"256c161b-b921-402b-8c3b-c6c9c14d5d88\", \"shortName\": \"ZUSO ART\", \"dateUpdated\": \"2023-10-17T03:35:35.535Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-34207\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-13T19:52:42.498Z\", \"dateReserved\": \"2023-05-30T09:41:32.477Z\", \"assignerOrgId\": \"256c161b-b921-402b-8c3b-c6c9c14d5d88\", \"datePublished\": \"2023-10-17T03:35:35.535Z\", \"assignerShortName\": \"ZUSO ART\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…