| शीर्षक | xiaoyunjie openvpn-cms-flask 1.2.7 Command Injection |
|---|
| विवरण | An authenticated remote code execution vulnerability exists in the OpenVPN user creation endpoint (app/api/v1/openvpn.py), allowing privileged users to execute arbitrary commands through malicious username parameters.
Details can be found in https://github.com/xiaoyunjie/openvpn-cms-flask/issues/24. |
|---|
| स्रोत | ⚠️ https://github.com/xiaoyunjie/openvpn-cms-flask/issues/24 |
|---|
| उपयोगकर्ता | Tritium (UID 50779) |
|---|
| सबमिशन | 22/06/2025 04:25 PM (10 महीनों पहले) |
|---|
| संयम | 27/06/2025 01:03 PM (5 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 314091 [xiaoyunjie openvpn-cms-flask तक 1.2.7 User Creation Endpoint /app/api/v1/openvpn.py create_user उपयोगकर्ता नाम अधिकार वृद्धि] |
|---|
| अंक | 17 |
|---|