CVE-2023-46134

Name of the Vulnerable Software and Affected Versions D-Tale versions prior to 3.7.0

Description The issue allows remote code execution, enabling attackers to run malicious code on the server. This is particularly concerning for users hosting D-Tale publicly. The estimated number of potentially affected devices worldwide is not specified. There is no information provided about real-world incidents where this issue was exploited.

Recommendations For versions prior to 3.7.0, the only workaround is to host D-Tale to trusted users. For all affected versions, upgrade to version 3.7.0, where the "Custom Filter" input is turned off by default, to fully resolve the issue.