CVE CVE-2020-15140 Mappings

In Red Discord Bot before version 3.3.11, a RCE exploit has been discovered in the Trivia module: this exploit allows Discord users with specifically crafted usernames to inject code into the Trivia module's leaderboard command. By abusing this exploit, it's possible to perform destructive actions and/or access sensitive information. This critical exploit has been fixed on version 3.3.11.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2020-15140 Red-DiscordBot primary_impact T1059 Command and Scripting Interpreter
CVE-2020-15140 Red-DiscordBot exploitation_technique T1133 External Remote Services