Описание
Command Injection in CasaOS
CasaOS before v0.2.7 was discovered to contain a command injection vulnerability via the component leave or join zerotier api.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-24193
- https://github.com/IceWhaleTech/CasaOS/issues/84
- https://github.com/IceWhaleTech/CasaOS/commit/d060968b7ab08e7f8cbfe7ca9ccdfa47afe9bb06
- https://www.star123.top/2022/01/08/A-vulnerability-in-CasaOS
- https://www.star123.top/2022/01/08/A-vulnerability-in-CasaOS/#more
Пакеты
Наименование
github.com/IceWhaleTech/CasaOS
go
Затронутые версииВерсия исправления
< 0.2.7
0.2.8
Связанные уязвимости
CVSS3: 9.8
nvd
почти 4 года назад
CasaOS before v0.2.7 was discovered to contain a command injection vulnerability.