CVE-2023-25759
CVSS V2 None
CVSS V3 None
Description
OS Command Injection in TripleData Reporting Engine in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated users to run unprivileged OS level commands via a crafted request payload.
Overview
- CVE ID
- CVE-2023-25759
- Assigner
- cve@mitre.org
- Vulnerability Status
- Undergoing Analysis
- Published Version
- 2023-04-19T12:15:08
- Last Modified Date
- 2023-04-19T12:39:28
References
Reference URL | Reference Tags |
---|---|
https://tripleplay.tv | |
https://tripleplay.tv/wp-content/uploads/2023/03/CVE-2023-25759-Summary.pdf |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-25759 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25759 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2023-04-19 13:01:27 | Added to TrackCVE | |||
2023-04-25 13:01:19 | Awaiting Analysis | Undergoing Analysis | Vulnerability Status | updated |