CVE-2023-33270

Name of the Vulnerable Software and Affected Versions DTS Monitoring version 3.57.0

Description An issue was discovered in the software where the url parameter within the Curl check function is vulnerable to OS command injection, specifically blind command injection. This means an attacker could potentially inject system commands without directly seeing the output, which could lead to unauthorized system access or data manipulation.

Recommendations For DTS Monitoring version 3.57.0, as a temporary workaround, consider restricting or disabling the use of the url parameter within the Curl check function until a patch is available. Additionally, restrict access to the Curl check function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.