CVE-2023-34237 – Remote code execution via specially crafted script settings in SABnzbd
https://notcve.org/view.php?id=CVE-2023-34237
SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Script functionality allows code execution with the privileges of the SABnzbd process. Exploiting this vulnerability requires access to the web interface. Remote exploitation is possible if users exposed their setup to the internet or other untrusted networks without setting a username/password. • https://github.com/sabnzbd/sabnzbd/commit/422b4fce7bfd56e95a315be0400cdfdc585df7cc https://github.com/sabnzbd/sabnzbd/commit/e3a722664819d1c7c8fab97144cc299b1c18b429 https://github.com/sabnzbd/sabnzbd/security/advisories/GHSA-hhgh-xgh3-985r https://sabnzbd.org/wiki/configuration/4.0/general https://security.gentoo.org/glsa/202312-11 • CWE-94: Improper Control of Generation of Code ('Code Injection')
CVE-2021-29488 – Creation of files outside the Download Folder through malicious PAR2 files
https://notcve.org/view.php?id=CVE-2021-29488
SABnzbd is an open source binary newsreader. A vulnerability was discovered in SABnzbd that could trick the `filesystem.renamer()` function into writing downloaded files outside the configured Download Folder via malicious PAR2 files. A patch was released as part of SABnzbd 3.2.1RC1. As a workaround, limit downloads to NZBs without PAR2 files, deny write permissions to the SABnzbd process outside areas it must access to perform its job, or update to a fixed version. • https://github.com/sabnzbd/sabnzbd/security/advisories/GHSA-jwj3-wrvf-v3rp • CWE-23: Relative Path Traversal
CVE-2020-13124
https://notcve.org/view.php?id=CVE-2020-13124
SABnzbd 2.3.9 and 3.0.0Alpha2 have a command injection vulnerability in the web configuration interface that permits an authenticated user to execute arbitrary Python commands on the underlying operating system. • https://github.com/sabnzbd/sabnzbd/commits/develop https://github.com/sabnzbd/sabnzbd/security/advisories/GHSA-9x87-96gg-33w2 https://sabnzbd.org/downloads • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')