← voltar
CVE-2024-58286

dizqueTV 1.5.3 Remote Code Execution via FFMPEG Executable Path

CVSS 9.3 CRITICALEPSS 0.5%CWE-78
dizqueTV 1.5.3 contains a remote code execution vulnerability that allows attackers to inject arbitrary commands through the FFMPEG Executable Path settings. Attackers can modify the executable path with shell commands to read system files like /etc/passwd by exploiting improper input validation.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
vexorian · dizqueTV

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/vexorian/dizquetvhttps://www.exploit-db.com/exploits/52079https://www.vulncheck.com/advisories/dizquetv-remote-code-execution-via-ffmpeg-executable-path