CVE-2024-28892 | GoCast 1.1.3 HTTP Request name os command injection (TALOS-2024-1960)

Inserito da Angelo Barbosa | Nov 21, 2024 | CVE

A vulnerability classified as very critical has been found in GoCast 1.1.3. This affects an unknown part of the component HTTP Request Handler. The manipulation of the argument name leads to os command injection.

This vulnerability is uniquely identified as CVE-2024-28892. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-28892 | GoCast 1.1.3 HTTP Request name os command injection (TALOS-2024-1960)

Post correlati

CVE-2024-44008 | Dylan Kuhn Geo Mashup Plugin up to 1.13.12 on WordPress cross site scripting

CVE-2024-4895 | wpDataTables Plugin up to 3.4.2.12 on WordPress CSV Import cross site scripting

CVE-2023-50967 | latchset jose up to 11 p2c resource consumption

CVE-2024-52921 | Bitcoin Core up to 24.x Mutated Block state issue