CVE-2023-31465

CRITICAL EXPLOITED NUCLEI

FSMLabs TimeKeeper <8.0.28 - Command Injection

Title source: llm

Description

An issue was discovered in FSMLabs TimeKeeper 8.0.17 through 8.0.28. By intercepting requests from various timekeeper streams, it is possible to find the getsamplebacklog call. Some query parameters are passed directly in the URL and named arg[x], with x an integer starting from 1; it is possible to modify arg[2] to insert Bash code that will be executed directly by the server.

Nuclei Templates (1)

TimeKeeper by FSMLabs - Remote Code Execution

CRITICALby ritikchaddha

Shodan: http.favicon.hash:2134367771

FOFA: icon_hash=2134367771

References (2)

[Product] https://fsmlabs.com/fsmlabs-cybersecurity/

[Exploit, Third Party Advisory] https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-2023-31465.md

View Exploit ZIP pw:eip

Scores

CVSS v3 9.8

EPSS 0.9054

EPSS Percentile 99.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2023-12-04

Status published

Products (1)

fsmlabs/timekeeper 8.0.17 - 8.0.28

Published Jul 26, 2023

Tracked Since Feb 18, 2026