{"uuid": "98f4ea85-8f8a-4cc4-86cd-79e958b74a5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50094", "type": "seen", "source": "https://t.me/cibsecurity/74095", "content": "\u203c\ufe0fCVE-2023-50094\u203c\ufe0f\n\nreNgine through 2.0.2 allows OS Command Injection if an adversary has a valid session ID. The attack places shell metacharacters in an apitoolswafdetector?url string. The commands are executed as root via subprocess.checkoutput.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-02T01:31:30.000000Z"}