Curl.exe Vulnerability

A new vulnerability, CVE-2023-38545 and CVE-2023-38546 has been found in the widely used Curl.exe and libcurl. For more details on the vulnerability 

(https://www.tenable.com/blog/cve-2023-38545-cve-2023-38546-frequently-asked-questions-for-new-vulnerabilities-in-curl


Addressing the Vulnerability:

To overcome this vulnerability, we are providing patches for eG Agents on top of v724/726/728.


Downloading the Patches:

The patches are available from the URLs below. Use the URL that corresponds to the version of eG Agents that are in use in your environment.


724:

https://eginnovations.sharefile.com/home/shared/fo29dfbb-b044-405a-9a7f-e714ae842a32


726:

https://eginnovations.sharefile.com/home/shared/fof0da87-8753-4591-97f0-7ad7b7c82978


728:

https://eginnovations.sharefile.com/home/shared/fo5dcced-ee32-4198-88ec-f149093c7640


Username: total@eginnovations.com

Password: M0n1torUX4r00tC@us3


Or


724:

http://download.eginnovations.com/eval724/Patches/Curl-Upgrade/724


726:

http://download.eginnovations.com/eval724/Patches/Curl-Upgrade/726


728:

http://download.eginnovations.com/eval728/Patches/Curl-Upgrade/728



If you are in v724 – Curl version will be 7.67.0.


If you are in v726/728 – Curl version will be 8.1.0.


Once you upgrade, you will be moved to 8.4.0.



Note: This curl upgrade package is only for Windows Operating Systems.

Login to post a comment