VDB
CVE-2023-43654
CVE-2023-43654
PUBLISHED
Es existiert eine Schwachstelle in PyTorch. Aufgrund einer unzureichenden Validierung von vom Benutzer bereitgestellten Eingaben, kommt es zu einem Server-Side Request Forgery (SSRF). Ein Angreifer kann diese Schwachstelle ausnutzen, indem er eine entfernte HTTP-Download-Anforderung aufruft und Dateien auf das System schreibt.
EPSS 91.65% · 99.7th percentile
Risk Scores
EPSS Score
91.65%
99.7th percentile
Exploit Intelligence
- A tool that checks if a TorchServe instance is vulnerable to CVE-2023-43654 (github-poc-repo)
- A tool that checks if a TorchServe instance is vulnerable to CVE-2023-43654 (github-poc-repo)
- A tool that checks if a TorchServe instance is vulnerable to CVE-2023-43654 (github-poc-repo)
- A tool that checks if a TorchServe instance is vulnerable to CVE-2023-43654 (github-poc-repo)
- A tool that checks if a TorchServe instance is vulnerable to CVE-2023-43654 (github-poc-repo)
- A tool that checks if a TorchServe instance is vulnerable to CVE-2023-43654 (github-poc-repo)
- A tool that checks if a TorchServe instance is vulnerable to CVE-2023-43654 (github-poc-repo)
- A tool that checks if a TorchServe instance is vulnerable to CVE-2023-43654 (github-poc-repo)
- Demo for CVE-2023-43654 - Remote Code Execution in PyTorch TorchServe (github-poc-repo)
- Demo for CVE-2023-43654 - Remote Code Execution in PyTorch TorchServe (github-poc-repo)
…and 46 more exploits
Timeline
- Aug 22, 2023 Fix PR Merged
- Sep 28, 2023 CVE Published
- Sep 29, 2023 EPSS Score
- Oct 12, 2023 PoC Published
- Oct 15, 2023 PoC Published
- Dec 2, 2023 EPSS Score
- Jan 3, 2024 EPSS Score
- Mar 6, 2024 EPSS Score
- Apr 7, 2024 EPSS Score
- Jun 10, 2024 EPSS Score
- Aug 13, 2024 EPSS Score
- Sep 13, 2024 EPSS Score