CVE-2023-7058
Published: 22 December 2023
Summary
CVE-2023-7058 is a medium-severity Path Traversal: '../filedir' (CWE-24) vulnerability in Oretnom23 Simple Student Attendance System. Its CVSS base score is 6.3 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 45.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-59245
Vulnerability details
A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument page leads to path traversal: '../filedir'. The attack can be…
more
launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248749 was assigned to this vulnerability.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Path traversal vulnerability in public-facing web application enables initial access via exploitation (T1190) and facilitates collection of data from the local file system (T1005).
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.