CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33369
https://notcve.org/view.php?id=CVE-2024-33369
27 Sep 2024 — Directory Traversal vulnerability in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote attacker to execute arbitrary code via the getFileNameFromConnection method in DownloadTask • https://gist.github.com/apple502j/54e0f80bfe082fd934e33970394adbb8 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33368
https://notcve.org/view.php?id=CVE-2024-33368
27 Sep 2024 — An issue in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote attacker to execute arbitrary code via the build method in DonwloadPromptScreen • https://gist.github.com/apple502j/54e0f80bfe082fd934e33970394adbb8 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •