CVE-2022-23609
HIGHitunesrpc-remastered 3.1.0 - Arbitrary File Deletion via Unsanitized User Input
Title source: llmDescription
iTunesRPC-Remastered is a Discord Rich Presence for iTunes on Windows utility. In affected versions iTunesRPC-Remastered did not properly sanitize user input used to remove files leading to file deletion only limited by the process permissions. Users are advised to upgrade as soon as possible.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_confirm
https://github.com/bildsben/iTunesRPC-Remastered/security/advisories/GHSA-cc8j-fr7v-7r6q
Patch, Third Party Advisory x_refsource_misc
https://github.com/bildsben/iTunesRPC-Remastered/commit/1eb1e5428f0926b2829a0bbbb65b0d946e608593
Scores
CVSS v3
8.3
EPSS
0.0102
EPSS Percentile
59.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-22
Status
published
Products (1)
itunesrpc-remastered_project/itunesrpc-remastered
3.1.0 - 3.1.1
Published
Feb 04, 2022
Tracked Since
Feb 18, 2026