OctoBot WebInterface 0.4.3 - Remote Code Execution (RCE)

Exploit Title: OctoBot WebInterface 0.4.3 - Remote Code Execution RCE Date: 9/2/2021 Exploit Author: Samy Younsi, Thomas Knudsen Vendor Homepage: https://www.octobot.online/ Software Link: https://github.com/Drakkar-Software/OctoBot Version: 0.4.0beta3 - 0.4.3 Tested on: Linux Ubuntu, CentOs CVE ...

OctoBot 代码问题漏洞

OctoBot is a powerful and fully modular open source cryptocurrency trading bot from the OctoBot community. A security vulnerability exists in OctoBot Tentacle versions 0.4.0beta3 through 0.4.3, which stems from a security flaw in the Tentacle Upload feature...