acme.sh before 3.0.6 runs arbitrary commands from a remote server via eval, as exploited in the wild in June 2023.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-07-13T00:00:00
Updated: 2024-08-02T17:30:14.099Z
Reserved: 2023-07-13T00:00:00
Link: CVE-2023-38198
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-07-13T03:15:09.977
Modified: 2023-07-25T14:30:35.337
Link: CVE-2023-38198
Redhat
No data.