{"uuid": "6e5a143e-c193-4a5a-83b6-4e37d5b71c6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2621", "type": "seen", "source": "https://t.me/cibsecurity/73290", "content": "\u203c CVE-2023-2621 \u203c\n\nThe McFeeder server (distributed as part of SSW package), is susceptible to an arbitrary file write vulnerability on the MAIN computersystem. This vulnerability stems from the use of an outdated version of a third-party library, which is used to extract archives uploaded to McFeeder server. An authenticated malicious client canexploit this vulnerability by uploading a crafted ZIP archive via thenetwork to McFeeder\u00e2\u20ac\u2122s service endpoint.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-01T06:34:52.000000Z"}