← back
CVE-2022-23609

Path traveresal in iTunesRPC-Remastered

CVSS 8.3 HIGHEPSS 1.0%CWE-22
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.3EPSS 1.0%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
04 Feb 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
iTunesRPC-Remastered is a Discord Rich Presence for iTunes on Windows utility. In affected versions iTunesRPC-Remastered did not properly sanitize user input used to remove files leading to file deletion only limited by the process permissions. Users are advised to upgrade as soon as possible.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L