CVE-2019-7753

Name of the Vulnerable Software and Affected Versions Verydows version 2.0

Description The issue is related to a security problem where an attacker can inject malicious code. The estimated number of potentially affected devices worldwide is not available. The problem can be exploited through the /index.php?m=api&c=stats&a=count API endpoint, specifically via the referrer parameter.

Recommendations For Verydows version 2.0, as a temporary workaround, consider restricting access to the /index.php?m=api&c=stats&a=count API endpoint to minimize the risk of exploitation. Avoid using the referrer parameter in this endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.