CVE-2024-21623
CRITICAL - mehah/otclient < 2023-12-30 - Remote Code Execution via GitHub Actions Workflow Injection
Title source: llmDescription
OTClient is an alternative Tibia client for otserv. Prior to commit db560de0b56476c87a2f967466407939196dd254, the /mehah/otclient "`Analysis - SonarCloud`" workflow is vulnerable to an expression injection in GitHub Actions, allowing an attacker to run commands remotely on the runner, leak secrets, and alter the repository through this workflow. Commit db560de0b56476c87a2f967466407939196dd254 contains a fix for this issue.
References (5)
Exploit, Vendor Advisory (x_refsource_confirm): https://github.com/mehah/otclient/security/advisories/GHSA-q6gr-wc79-v589
Patch (x_refsource_misc): https://github.com/mehah/otclient/commit/db560de0b56476c87a2f967466407939196dd254
Product (x_refsource_misc): https://github.com/mehah/otclient/blob/72744edc3b9913b920e0fd12e929604f682fda75/.github/workflows/analysis-sonarcloud.yml#L91-L104
Exploit, Third Party Advisory (x_refsource_misc): https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
Exploit, Third Party Advisory (x_refsource_misc): https://securitylab.github.com/research/github-actions-untrusted-input/
Scores
CVSS v3: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS: 0.0123
EPSS Percentile: 64.9%
Attack Vector: NETWORK
CISA SSVC (Vulnrichment)
Exploitation: poc
Automatable: yes
Technical Impact: total
Details
CWE: CWE-74
Status: published
Products (1): mehah/otclient < 2023-12-30
Published: Jan 02, 2024
Tracked Since: Feb 18, 2026