PT-2024-31560 · Sudobot · Sudobot

Algerization · Published 2024-09-03 · Updated 2024-09-07 · CVE-2024-45307

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: SudoBot versions prior to 9.26.7

Description: SudoBot, a Discord moderation bot, is vulnerable to privilege escalation through its -config command. The command does not verify that the caller is authorized to change the bot's configuration, so anyone who can invoke it in a server where the bot is installed can update any configuration value of the bot for that server and thereby take control of the bot's settings.

Recommendations: Upgrade to SudoBot 9.26.7, which contains the fix. As a temporary workaround for deployments that cannot upgrade yet, create a command permission overwrite in the bot's database by executing the SQL statement provided with the advisory, replacing <guild id> with the appropriate Guild ID; the overwrite must be created separately for every server the bot is in, and it restricts the -config command to users who hold the ManageGuild permission.
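The pattern behind this advisory, as an added example that is not SudoBot's own code: a minimal model of a prefix-command dispatcher for a Discord bot in TypeScript, the project's language, with the unchecked handler, the code-level fix that an upgrade provides, and a data-level per-guild command permission overwrite that stands in for the advisory's workaround. All names, the configuration keys, the in-memory store and the overwrite table are hypothetical; only the permission bit values are Discord's documented ones, and the advisory's actual SQL statement is not reproduced here.

```typescript
// Added example, not SudoBot's code: a model of a Discord-style prefix-command
// dispatcher showing the missing-authorization pattern described in the
// advisory and two ways to close it. Names, config keys and the overwrite
// table are hypothetical; only the permission bits are Discord's values.

// Discord permission bits (plain numbers suffice for these two bits; a full
// Discord bitfield exceeds 2^53 and needs BigInt in real code).
const ADMINISTRATOR = 1 << 3; // implies every other permission
const MANAGE_GUILD = 1 << 5;  // the permission the advisory's workaround requires

type Ctx = { guildId: string; userId: string; permissions: number };
type GuildConfig = { prefix: string; logChannel: string | null };
type Handler = (ctx: Ctx, args: string[]) => string;

// Per-guild configuration store (in memory for the example).
const store = new Map<string, GuildConfig>();
function getConfig(guildId: string): GuildConfig {
  let cfg = store.get(guildId);
  if (!cfg) {
    cfg = { prefix: "-", logChannel: null };
    store.set(guildId, cfg);
  }
  return cfg;
}
function readConfig(guildId: string): GuildConfig {
  return { ...getConfig(guildId) };
}

function hasPermission(member: number, required: number): boolean {
  if ((member & ADMINISTRATOR) === ADMINISTRATOR) return true;
  return (member & required) === required;
}

// VULNERABLE: the handler trusts the caller entirely. Anyone who can send a
// message in the guild can rewrite that guild's configuration.
const configCommandUnchecked: Handler = (ctx, args) => {
  if (args.length < 2) return "usage: config <key> <value>";
  const [key, value] = args;
  const cfg = getConfig(ctx.guildId);
  if (key === "prefix") cfg.prefix = value;
  else if (key === "logChannel") cfg.logChannel = value;
  else return "unknown key";
  return `set ${key}`;
};

// FIX 1 (code level, what an upgrade provides): wrap the handler in a guard
// that checks the member's permissions before any state changes.
function requirePermission(required: number, handler: Handler): Handler {
  return (ctx, args) =>
    hasPermission(ctx.permissions, required)
      ? handler(ctx, args)
      : "denied: missing permission";
}
const configCommand = requirePermission(MANAGE_GUILD, configCommandUnchecked);

// FIX 2 (data level, modelling the advisory's workaround): a per-guild command
// permission overwrite consulted by the dispatcher before a command runs.
// Hypothetical stand-in for the database row the advisory's SQL creates.
const overwrites = new Map<string, number>(); // key: `${guildId}:${command}`
function setCommandOverwrite(guildId: string, command: string, required: number): void {
  overwrites.set(`${guildId}:${command}`, required);
}

// A Map rather than a plain object so that names like "constructor" or
// "toString" cannot resolve to prototype members.
const commands = new Map<string, Handler>([
  ["config", configCommandUnchecked], // unpatched handler, protected only by overwrites
  ["ping", () => "pong"],
]);

function dispatch(ctx: Ctx, line: string): string {
  const prefix = getConfig(ctx.guildId).prefix;
  if (!line.startsWith(prefix)) return "";
  const [name, ...args] = line.slice(prefix.length).trim().split(/\s+/);
  const handler = commands.get(name);
  if (!handler) return "unknown command";
  const required = overwrites.get(`${ctx.guildId}:${name}`);
  // With no overwrite row for this guild the unpatched command stays open to
  // everyone, which is why the workaround has to be applied for every guild.
  if (required !== undefined && !hasPermission(ctx.permissions, required)) {
    return "denied: command overwrite";
  }
  return handler(ctx, args);
}
```

The dispatcher illustrates the caveat in the workaround: a guild without its own overwrite row still runs the unchecked handler, so a member with no permissions can change that guild's configuration until the row is added, whereas the wrapped `configCommand` refuses regardless of per-guild data. Either way the check must run before any state is written, and Administrator must be treated as satisfying every requirement, since Discord grants it all permissions implicitly.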

Weakness Enumeration

Improper Authorization
Missing Authorization

Related Identifiers

CVE-2024-45307
GHSA-CRGG-W3RR-R9H4

Affected Products

Sudobot