Published: 15/12/2023 Updated: 22/01/2024

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

MajorDoMo (aka Major Domestic Module) prior to 0662e5e allows command execution via thumb.php shell metacharacters. NOTE: this is unrelated to the Majordomo mailing-list manager.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mjdm majordomo

This Metasploit module exploits a command injection vulnerability in MajorDoMo versions before 0662e5e ...

MajorDoMo versions prior to 0662e5e suffer from an unauthenticated remote code execution vulnerability ...

Full Disclosure mailing list archives   By Date By Thread </form>    Disclosure of CVE-2023-50917: RCE Vulnerability in MajorDoM   Fro ...

MajorDoMo Unauthenticated RCE: Deep Dive & Exploitation Techniques

Deep Dive: CVE-2023-50917 - Unmasking an Unauthenticated Remote Code Execution Flaw in MajorDoMo's Thumb Module Introduction MajorDoMo, a beacon in Russian home automation, particularly favored by Raspberry Pi aficionados, has been a trusted name for over a decade With over 380 stars on its official GitHub repository at the time of writing, its popularity is evident Howe

CWE-77 https://github.com/sergejey/majordomo/commit/0662e5ebfb133445ff6154b69c61019357092178 https://github.com/sergejey/majordomo/commit/3ec3ffb863ea3c2661ab27d398776c551f4daaac http://seclists.org/fulldisclosure/2023/Dec/19 http://packetstormsecurity.com/files/176273/MajorDoMo-Remote-Code-Execution.html http://packetstormsecurity.com/files/176669/MajorDoMo-Command-Injection.html https://nvd.nist.gov https://github.com/Chocapikk/CVE-2023-50917 https://packetstormsecurity.com/files/176669/MajorDoMo-Command-Injection.html

CVE-2023-50917

Vulnerability Summary

Vulnerability Trend

Exploits

Mailing Lists

Github Repositories

References

Vulmon Search

About

Products

Connect