Filtered by vendor Mayuresh82 Subscriptions
Filtered by product Gocast Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-28892 2 Gocast, Mayuresh82 2 Gocast, Gocast 2024-12-20 9.8 Critical
An OS command injection vulnerability exists in the name parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.
CVE-2024-21855 2 Gocast, Mayuresh82 2 Gocast, Gocast 2024-12-20 9.8 Critical
A lack of authentication vulnerability exists in the HTTP API functionality of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.
CVE-2024-29224 2 Gocast, Mayuresh82 2 Gocast, Gocast 2024-12-17 9.8 Critical
An OS command injection vulnerability exists in the NAT parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.