### [CVE-2023-39548](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39548)
![](https://img.shields.io/static/v1?label=Product&message=CLUSTERPRO%20X%20(EXPRESSCLUSTER%20X)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=CLUSTERPRO%20X%20SingleServerSafe%20(EXPRESSCLUSTER%20X%20SingleServerSafe)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%2C%202.0%202.1%2C%203.0%2C%203.1%2C%203.2%2C%204.0%2C%204.1%2C%204.2%2C%205.0%20and%205.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%2C%202.0%202.1%2C%203.0%2C%203.1%2C%203.2%2C%204.0%2C%204.1%2C%204.2%2C%205.0%20and%205.1%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20upload%20of%20file%20with%20dangerous%20type&color=brighgreen)

### Description

CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds