CVE-2023-33965

Brook's tproxy server component is vulnerable to a drive-by command injection, enabling remote code execution when a user visits a malicious page that triggers requests to the local tproxy service. A fix is available in version 20230606. The affected product is the Brook cross‑platform network to...