2 matches found
CasaOS <= 0.4.15 Information Disclosure Vulnerability - Version Check
CasaOS is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:icewhale:casaos"; if...
CVE-2025-34171 CasaOS <= 0.4.15 Unauthenticated File and Debug Data Exposure
CasaOS versions up to and including 0.4.15 expose multiple unauthenticated endpoints that allow remote attackers to retrieve sensitive configuration files and system debug information. The /v1/users/image endpoint can be abused with a user-controlled path parameter to access files under...