Nasa · Rtretrievalframework · CVE-2018-1000048
Name of the Vulnerable Software and Affected Versions:
NASA RtRetrievalFramework version v1.0
Description:
The issue concerns a remote code execution flaw in the Data retrieval functionality of the RtRetrieval framework. This can be exploited when a victim attempts to retrieve and process a weather data file.
Recommendations:
For NASA RtRetrievalFramework version v1.0, consider disabling the Data retrieval functionality until a patch is available to prevent potential remote code execution. Restrict access to the weather data file processing feature to minimize the risk of exploitation.