CVE-2022-24193 Information

Jun 07, 2022 cve

Description

CasaOS before v0.2.7 was discovered to contain a command injection vulnerability.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

https://github.com/IceWhaleTech/CasaOS/issues/84 https://github.com/IceWhaleTech/CasaOS/commit/d060968b7ab08e7f8cbfe7ca9ccdfa47afe9bb06 https://www.star123.top/2022/01/08/A-vulnerability-in-CasaOS/#more https://www.star123.top/2022/01/08/A-vulnerability-in-CasaOS/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

9.8

Share on: