Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
NZBGet 21.1 allows authenticated remote code execution because the unarchive programs (7za and unrar) preserve executable file permissions. An attacker with the Control capability can execute a file by setting the value of SevenZipCommand or UnrarCmd. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NZBGet 安全漏洞
Vulnerability Description
NZBGet是NZBGet公司的一个高效的 usenet 下载器。 NZBGet 21.1版本存在安全漏洞,该漏洞源于解档程序(7za 和 unrar)会保留可执行文件权限,攻击者利用该漏洞可以通过设置 SevenZipCommand 或 UnrarCmd 的值来执行文件。
CVSS Information
N/A
Vulnerability Type
N/A