Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 11:7 a.m.20 views

CVE-2024-21855

A lack of authentication vulnerability exists in the HTTP API functionality of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

9.8CVSS7.5AI score0.02036EPSS
Exploits0References1
NVD
NVD
added 2024/11/21 3:15 p.m.40 views

CVE-2024-29224

An OS command injection vulnerability exists in the NAT parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

9.8CVSS0.06292EPSS
Exploits0References2
OSV
OSV
added 2024/11/21 3:15 p.m.2 views

CVE-2024-29224

An OS command injection vulnerability exists in the NAT parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

9.8CVSS7.6AI score0.06292EPSS
Exploits0References2
NVD
NVD
added 2024/11/21 3:15 p.m.36 views

CVE-2024-21855

A lack of authentication vulnerability exists in the HTTP API functionality of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

9.8CVSS0.02036EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/21 2:41 p.m.15 views

CVE-2024-28892

An OS command injection vulnerability exists in the name parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

9.8CVSS7.7AI score0.06445EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/21 2:41 p.m.37 views

CVE-2024-28892

An OS command injection vulnerability exists in the name parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

9.8CVSS0.06445EPSS
Exploits0References1
CVE
CVE
added 2024/11/21 2:41 p.m.77 views

CVE-2024-28892

CVE-2024-28892 : A command-injection flaw exists in the name parameter of GoCast 1.1.3 (github.com/mayuresh82/gocast). A specially crafted, unauthenticated HTTP request can cause arbitrary command execution on the server. Documented as a network‑proximate vulnerability with high impact across con...

9.8CVSS9.8AI score0.06445EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/11/21 2:41 p.m.56 views

CVE-2024-29224

Summary: CVE-2024-29224 affects GoCast 1.1.3. The NAT parameter in the GoCast HTTP API can be abused to trigger OS command injection, enabling arbitrary command execution via an unauthenticated HTTP request. The root cause is the nat string being concatenated into a system command (iptables) with...

9.8CVSS9.8AI score0.06292EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder