PT-2023-6978 · Fsmlabs · Fsmlabs Timekeeper

Claudio Rimensi +3 · Published 2023-07-26 · Updated 2023-08-03 · CVE-2023-31465

CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

FSMLabs TimeKeeper versions 8.0.17 through 8.0.28

Description

The issue is insufficient input validation in the FSMLabs TimeKeeper software. An attacker who intercepts requests from the various TimeKeeper streams can locate the getsamplebacklog call and modify its arg[2] query parameter to insert Bash code, which the server executes directly. This enables a remote attacker to execute arbitrary code.

Recommendations

For FSMLabs TimeKeeper versions 8.0.17 through 8.0.28, consider restricting access to the getsamplebacklog call and validating all input parameters, especially arg[2], to prevent code injection. As a temporary workaround, consider disabling the execution of Bash code from the arg[2] parameter until a patch is available.

Exploit

Fix

RCE

Weakness Enumeration

Related Identifiers

BDU:2023-07997
CVE-2023-31465

Affected Products

Fsmlabs Timekeeper