CVE-2023-29689 Information

Description

PyroCMS 3.9 contains a remote code execution (RCE) vulnerability that can be exploited through a server-side template injection (SSTI) flaw. This vulnerability allows a malicious attacker to send customized commands to the server and execute arbitrary code on the affected system.

Reference

https://cupc4k3.lol/ssti-leads-to-rce-on-pyrocms-7515be27c811