Skip to main content

Acme Sh

1 CVEs product

Monthly

CVE-2023-38198 CRITICAL Act Now

acme.sh before 3.0.6 runs arbitrary commands from a remote server via eval, as exploited in the wild in June 2023. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Acme Sh
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
EPSS 1% CVSS 9.8
CRITICAL Act Now

acme.sh before 3.0.6 runs arbitrary commands from a remote server via eval, as exploited in the wild in June 2023. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Acme Sh
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy