Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8
CVE-2024-28892
- EPSS 1.79%
- Veröffentlicht 21.11.2024 15:15:29
- Zuletzt bearbeitet 20.12.2024 17:05:48
An OS command injection vulnerability exists in the name parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.
9.8
CVE-2024-29224
- EPSS 3%
- Veröffentlicht 21.11.2024 15:15:29
- Zuletzt bearbeitet 17.12.2024 22:20:34
An OS command injection vulnerability exists in the NAT parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.
9.8
CVE-2024-21855
- EPSS 0.41%
- Veröffentlicht 21.11.2024 15:15:26
- Zuletzt bearbeitet 20.12.2024 17:05:24
A lack of authentication vulnerability exists in the HTTP API functionality of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.
1