Vulnerability Database

296,605

Total vulnerabilities in the database

CVE-2023-39107

An arbitrary file overwrite vulnerability in NoMachine Free Edition and Enterprise Client for macOS before v8.8.1 allows attackers to overwrite root-owned files by using hardlinks.

Published: Aug 4, 2023
Updated: Aug 11, 2023
CVE: CVE-2023-39107
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.1
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWEs:

CWE-59

Affected Software
References

Software	From	Fixed in
nomachine / nomachine	-	8.8.1

https://kb.nomachine.com/SU07U00247
https://kb.nomachine.com/TR07U10948
https://www.ns-echo.com/posts/nomachine_afo.html

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo