CVE-2023-6848 | kalcaddle kodbox up to 1.48 index.class.php check soffice command injection

Posted by Angelo Barbosa | Dec 15, 2023 | CVE

A vulnerability was found in kalcaddle kodbox up to 1.48. It has been declared as critical. Affected by this vulnerability is the function check of the file plugins/officeViewer/controller/libreOffice/index.class.php. The manipulation of the argument soffice leads to command injection.

This vulnerability is known as CVE-2023-6848. The attack can be launched remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2023-6848 | kalcaddle kodbox up to 1.48 index.class.php check soffice command injection

Related Posts

CVE-2023-47247 | SysAid On-Premise up to 23.3.33 Knowledge Base Article denial of service

CVE-2024-5611 | Stratum Plugin up to 1.4.1 on WordPress Countdown Widget cross site scripting

CVE-2024-4602 | Embed Peertube Playlist Plugin up to 1.9 on WordPress Setting cross site scripting

CVE-2024-32669 | Samsung Escargot 4.0.0 buffer overflow