cvelist/2023/6xxx/CVE-2023-6614.json

{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2023-6614",
        "ASSIGNER": "cna@vuldb.com",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "A vulnerability classified as problematic was found in Typecho 1.2.1. Affected by this vulnerability is an unknown functionality of the file /admin/manage-pages.php of the component Page Handler. The manipulation leads to backdoor. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-247249 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
                "lang": "deu",
                "value": "In Typecho 1.2.1 wurde eine problematische Schwachstelle entdeckt. Hierbei betrifft es unbekannten Programmcode der Datei /admin/manage-pages.php der Komponente Page Handler. Mit der Manipulation mit unbekannten Daten kann eine backdoor-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-912 Backdoor",
                        "cweId": "CWE-912"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "n/a",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Typecho",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "1.2.1"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://vuldb.com/?id.247249",
                "refsource": "MISC",
                "name": "https://vuldb.com/?id.247249"
            },
            {
                "url": "https://vuldb.com/?ctiid.247249",
                "refsource": "MISC",
                "name": "https://vuldb.com/?ctiid.247249"
            },
            {
                "url": "https://github.com/JTZ-a/SRC/blob/master/Typecho/Typecho-IDOR/en-us.md",
                "refsource": "MISC",
                "name": "https://github.com/JTZ-a/SRC/blob/master/Typecho/Typecho-IDOR/en-us.md"
            }
        ]
    },
    "credits": [
        {
            "lang": "en",
            "value": "JTZ- (VulDB User)"
        }
    ],
    "impact": {
        "cvss": [
            {
                "version": "3.1",
                "baseScore": 2.7,
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
                "baseSeverity": "LOW"
            },
            {
                "version": "3.0",
                "baseScore": 2.7,
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
                "baseSeverity": "LOW"
            },
            {
                "version": "2.0",
                "baseScore": 3.3,
                "vectorString": "AV:N/AC:L/Au:M/C:N/I:N/A:P"
            }
        ]
    }
}
"-Synchronized-Data." 2023-12-08 10:00:34 +00:00			`{`
"-Synchronized-Data." 2023-12-08 17:00:34 +00:00			`"data_version": "4.0",`
"-Synchronized-Data." 2023-12-08 10:00:34 +00:00			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"CVE_data_meta": {`
			`"ID": "CVE-2023-6614",`
"-Synchronized-Data." 2023-12-08 17:00:34 +00:00			`"ASSIGNER": "cna@vuldb.com",`
			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2023-12-08 10:00:34 +00:00			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
"-Synchronized-Data." 2023-12-08 17:00:34 +00:00			`"value": "A vulnerability classified as problematic was found in Typecho 1.2.1. Affected by this vulnerability is an unknown functionality of the file /admin/manage-pages.php of the component Page Handler. The manipulation leads to backdoor. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-247249 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."`
			`},`
			`{`
			`"lang": "deu",`
			`"value": "In Typecho 1.2.1 wurde eine problematische Schwachstelle entdeckt. Hierbei betrifft es unbekannten Programmcode der Datei /admin/manage-pages.php der Komponente Page Handler. Mit der Manipulation mit unbekannten Daten kann eine backdoor-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."`
			`}`
			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "CWE-912 Backdoor",`
			`"cweId": "CWE-912"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "n/a",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Typecho",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_affected": "=",`
			`"version_value": "1.2.1"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"url": "https://vuldb.com/?id.247249",`
			`"refsource": "MISC",`
			`"name": "https://vuldb.com/?id.247249"`
			`},`
			`{`
			`"url": "https://vuldb.com/?ctiid.247249",`
			`"refsource": "MISC",`
			`"name": "https://vuldb.com/?ctiid.247249"`
			`},`
			`{`
			`"url": "https://github.com/JTZ-a/SRC/blob/master/Typecho/Typecho-IDOR/en-us.md",`
			`"refsource": "MISC",`
			`"name": "https://github.com/JTZ-a/SRC/blob/master/Typecho/Typecho-IDOR/en-us.md"`
			`}`
			`]`
			`},`
			`"credits": [`
			`{`
			`"lang": "en",`
			`"value": "JTZ- (VulDB User)"`
			`}`
			`],`
			`"impact": {`
			`"cvss": [`
			`{`
			`"version": "3.1",`
			`"baseScore": 2.7,`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",`
			`"baseSeverity": "LOW"`
			`},`
			`{`
			`"version": "3.0",`
			`"baseScore": 2.7,`
			`"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",`
			`"baseSeverity": "LOW"`
			`},`
			`{`
			`"version": "2.0",`
			`"baseScore": 3.3,`
			`"vectorString": "AV:N/AC:L/Au:M/C:N/I:N/A:P"`
"-Synchronized-Data." 2023-12-08 10:00:34 +00:00			`}`
			`]`
			`}`
			`}`