CVE-2024-28892

Published: 2024-11-21T15:15Z

Last Modified: 2024-12-20T17:05Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An OS command injection vulnerability exists in the name parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt