PT-2023-24257 · Unknown · Dts Monitoring

Published: 2023-10-03 · Updated: 2023-10-04 · CVE-2023-33272

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

DTS Monitoring version 3.57.0

Description

An issue was discovered in the software where the ip parameter within the Ping check function is vulnerable to OS command injection, specifically blind command injection.

Recommendations

For DTS Monitoring version 3.57.0, as a temporary workaround, consider restricting the use of the ip parameter in the Ping check function until a patch is available. Avoid using the ip parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

OS Command Injection

Weakness Enumeration

Related identifiers

CVE-2023-33272

Affected products

Dts Monitoring