Cyber Resilience

CVE-2023-43187

Severity: Critical · Public PoC

Published: 27 September 2023
Modified: 21 November 2024
KEV Added: not listed
Patch: none referenced
CVSS Score (v3.1): 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.8770 (99.5th percentile)
Risk Priority: 72 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-43187 is a critical-severity XML Injection (aka Blind XPath Injection, CWE-91) vulnerability in NodeBB Inc's NodeBB. Its CVSS base score is 9.8 (Critical).

Operationally, it ranks in the top 0.5% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

CVE-2023-43187 is a remote code execution vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to version 1.18.6. It arises from improper handling of XML-RPC input and is tracked under CWE-91, with a CVSS 3.1 base score of 9.8 reflecting network-accessible, unauthenticated attack conditions that can result in full confidentiality, integrity, and availability impact.

Unauthenticated remote attackers can exploit the flaw by submitting crafted XML-RPC requests to the exposed endpoint, enabling arbitrary code execution on the underlying server and potential full compromise of the forum installation.

The supplied references consist of GitHub repositories documenting the CVE without formal advisory or patch text; the version information in the CVE description indicates that upgrading to NodeBB 1.18.6 or later resolves the issue.

The associated EPSS values show a current score of 0.8770 against a recorded peak of 0.9011.

Vulnerability details

A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC requests.

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: nodebb
Product: nodebb
Version: ≤ 1.18.6

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
