Skip to content

Instantly share code, notes, and snippets.

@Decamark

Decamark/CVE-2023-37646.md Secret

Created August 5, 2023 07:03
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Decamark/868e88aa6aae6b8f4a1dc1991efb83ca to your computer and use it in GitHub Desktop.
Save Decamark/868e88aa6aae6b8f4a1dc1991efb83ca to your computer and use it in GitHub Desktop.
Download ZIP
CVE-2023-37646
Raw
CVE-2023-37646.md
Vulnerability type Product name Affected version
Remote Code Execution Bitberry File Opener 23.0

Bitberry File Opener 23.0 has a directory traversal when it concatenates a file path embedded in the CAB file to a current directory. Making a user open a crafted file, an attacker can write arbitrary files into the startup folder, which ends up with remote code execution.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment