2 matches found
CVE-2024-2352
creationtimestamp| type| source ---|---|--- 2024-03-10 03:26:43+00:00| seen| https://t.me/ctinow/204103 2024-03-10 03:26:45+00:00| seen| https://t.me/ctinow/204105...
CVE-2024-2352
1Panel up to 1.10.1-lts is affected by CVE-2024-2352 via command injection in the function baseApi.UpdateDeviceSwap (file /api/v1/toolbox/device/update/swap). The issue arises from untrusted input in the Path argument (example: 123123123\nopen -a Calculator), which can be exploited remotely. Publ...