RCE in Vexorian Dizquetv
CVE-2024-58286
dizqueTV 1.5.3 contains a remote code execution vulnerability that allows attackers to inject arbitrary commands through the FFMPEG Executable Path settings. Attackers can modify the executable path with shell commands to read system files…
Vulnerability class: Command Injection (OS Command Injection)
EPSS: 0.005 (39.2th percentile) — read the EPSS interpretation.
Affected products
- Vexorian Dizquetv — versions 1.5.3
Weakness classification (CWE)
References
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (third-party-advisory)