Security News > 2023 > October > Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software
2023-10-17 14:37
Two critical security flaws discovered in the open-source CasaOS personal cloud software could be successfully exploited by attackers to achieve arbitrary code execution and take over susceptible systems. The vulnerabilities, tracked as CVE-2023-37265 and CVE-2023-37266, both carry a CVSS score of 9.8 out of a maximum of 10. Sonar security researcher Thomas Chauchefoin, who discovered the bugs,
News URL
https://thehackernews.com/2023/10/critical-vulnerabilities-uncovered-in.html
Related news
- CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List (source)
- Open source worldwide: Critical maintenance gaps exposed (source)
- SAP fixes critical vulnerabilities in NetWeaver application servers (source)
- Critical vulnerabilities remain unresolved due to prioritization gaps (source)
- Critical SimpleHelp vulnerabilities fixed, update your server instances! (source)
- Netgear warns users to patch critical WiFi router vulnerabilities (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-17 | CVE-2023-37266 | Unspecified vulnerability in Icewhale Casaos CasaOS is an open-source Personal Cloud system. | 9.8 |
| 2023-07-17 | CVE-2023-37265 | Unspecified vulnerability in Icewhale Casaos CasaOS is an open-source Personal Cloud system. | 9.8 |