cve/2023/CVE-2023-43364.md

CVE-2023-43364

Description

main.py in Searchor before 2.4.2 uses eval on CLI input, which may cause unexpected code execution.

POC

Reference

• https://github.com/advisories/GHSA-66m2-493m-crh2
• https://github.com/nexis-nexis/Searchor-2.4.0-POC-Exploit-
• https://github.com/nikn0laty/Exploit-for-Searchor-2.4.0-Arbitrary-CMD-Injection

Github

• https://github.com/libertycityhacker/CVE-2023-43364-Exploit-CVE
• https://github.com/nomi-sec/PoC-in-GitHub