CVE-2024-53992

CVSS V2 None CVSS V3 None
Description
unzip-bot is a Telegram bot to extract various types of archives. Users could exploit unsanitized inputs to inject malicious commands that are executed through subprocess.Popen with shell=True. Attackers can exploit this vulnerability using a crafted archive name, password, or video name. This vulnerability is fixed in 7.0.3a.
Overview
  • CVE ID
  • CVE-2024-53992
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-12-02T17:03:22.631Z
  • Last Modified Date
  • 2024-12-02T17:03:22.631Z
History
Created Old Value New Value Data Type Notes
2024-12-03 13:40:17 Added to TrackCVE