2 matches found
📄 Crafty Controller 4.6.1 Remote Code Execution / Server-Side Template Injection
Crafty Controller version 4.6.1 allows authenticated remote attackers to execute arbitrary system commands on the target server through server-side template injection the webhook configuration feature...
CVE-2025-14700
An input neutralization vulnerability in the Webhook Template component of Crafty Controller allows a remote, authenticated attacker to perform remote code execution via Server Side Template Injection...