CVE-2023-6848 | kalcaddle kodbox up to 1.48 index.class.php check soffice command injection

Posted by Angelo Barbosa | Dec 15, 2023 | CVE

A vulnerability was found in kalcaddle kodbox up to 1.48. It has been declared as critical. Affected by this vulnerability is the function check of the file plugins/officeViewer/controller/libreOffice/index.class.php. The manipulation of the argument soffice leads to command injection.

This vulnerability is known as CVE-2023-6848. The attack can be launched remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2023-6848 | kalcaddle kodbox up to 1.48 index.class.php check soffice command injection

Related Posts

CVE-2022-31670 | Harbor improper authorization (GHSA-3637-v6vq-xqqw)

CVE-2024-1548 | Mozilla Firefox up to 122 Fullscreen Notification improper restriction of rendered ui layers

CVE-2024-20286 | Cisco NX-OS up to 10.2(1q) Python Interpreter protection mechanism (cisco-sa-nxos-psbe-ce-YvbTn5du)

CVE-2024-5483 | LearnPress Plugin up to 4.2.6.8 on WordPress JSON API information disclosure