CVE-2023-0887
Published Feb 17, 2023
Last updated 6 months ago
Overview
- Description
- A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical. This issue affects some unknown processing of the file tftpd64_svc.exe. The manipulation leads to unquoted search path. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The associated identifier of this vulnerability is VDB-221351.
- Source
- cna@vuldb.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Secondary
- Base score
- 6
- Impact score
- 10
- Exploitability score
- 1.5
- Vector string
- AV:L/AC:H/Au:S/C:C/I:C/A:C
Weaknesses
- cna@vuldb.com
- CWE-428
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tftpd64_project:tftpd64:4.64:*:*:*:se:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8508FD40-3AAB-4D89-A577-BD9BE13ADE4C"
}
],
"operator": "OR"
}
]
}
]