CVE-2024-21855

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 21, 2024
CWE ID 306

Summary

CVE-2024-21855 is a vulnerability affecting GoCast 1.1.3's HTTP API functionality. This issue involves a lack of authentication, allowing an attacker to execute arbitrary commands by crafting a malicious HTTP request, without needing any prior authentication. This vulnerability poses a significant risk and should be addressed promptly by applying the necessary patches or updates to the affected software.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share