3 matches found
CVE-2024-28892
An OS command injection vulnerability exists in the name parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...
CVE-2024-28892
CVE-2024-28892 : A command-injection flaw exists in the name parameter of GoCast 1.1.3 (github.com/mayuresh82/gocast). A specially crafted, unauthenticated HTTP request can cause arbitrary command execution on the server. Documented as a network‑proximate vulnerability with high impact across con...
GoCast name parameter OS command injection vulnerability
Talos Vulnerability Report TALOS-2024-1960 GoCast name parameter OS command injection vulnerability November 21, 2024 CVE Number CVE-2024-28892 SUMMARY An OS command injection vulnerability exists in the name parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary comman...