CVE-2023-31465

CRITICAL EXPLOITED NUCLEI

FSMLabs TimeKeeper <8.0.28 - Command Injection

Title source: llm

Exploitation Summary

CVE-2023-31465 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.

Description

An issue was discovered in FSMLabs TimeKeeper 8.0.17 through 8.0.28. By intercepting requests from various timekeeper streams, it is possible to find the getsamplebacklog call. Some query parameters are passed directly in the URL and named arg[x], with x an integer starting from 1; it is possible to modify arg[2] to insert Bash code that will be executed directly by the server.

Nuclei Templates (1)

TimeKeeper by FSMLabs - Remote Code Execution

CRITICALby ritikchaddha

Shodan: http.favicon.hash:2134367771

FOFA: icon_hash=2134367771

References (2)

Core 2

Core References

Product

https://fsmlabs.com/fsmlabs-cybersecurity/

Exploit, Third Party Advisory

https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-2023-31465.md

View Exploit ZIP pw:eip

Scores

CVSS v3 9.8

EPSS 0.4446

EPSS Percentile 98.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

VulnCheck KEV 2023-12-04

Status published

Products (1)

fsmlabs/timekeeper 8.0.17 - 8.0.28

Published Jul 26, 2023

Tracked Since Feb 18, 2026