What is CVE-2023-39108?

CVE-2023-39108 is a vulnerability in N/a. Published 2023-08-01.

Is CVE-2023-39108 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2023-39108

rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_b parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via in…

EPSS: 0.785 (99.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

zer0yu/CVE_

References

github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_path_b.md

Frequently asked questions

What is CVE-2023-39108?: CVE-2023-39108 is a vulnerability in N/a. Published 2023-08-01.
Is CVE-2023-39108 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.