CVE-2023-29689

Published: Aug 4, 2023

Modified: Oct 17, 2024

PUBLISHED

Description

PyroCMS 3.9 contains a remote code execution (RCE) vulnerability that can be exploited through a server-side template injection (SSTI) flaw. This vulnerability allows a malicious attacker to send customized commands to the server and execute arbitrary code on the affected system.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://cupc4k3.lol/ssti-leads-to-rce-on-pyrocms-7515be27c811

http://packetstormsecurity.com/files/174088/Pyro-CMS-3.9-Server-Side-Template-Injection.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-29689

Description

Affected Products

References