CVE-2023-33273

Name of the Vulnerable Software and Affected Versions DTS Monitoring version 3.57.0

Description An issue was discovered in the software where the url parameter within the WGET check function is vulnerable to OS command injection, specifically blind command injection. This means an attacker could potentially inject system commands without directly seeing the output, making it harder to detect.

Recommendations For DTS Monitoring version 3.57.0, as a temporary workaround, consider restricting or disabling the use of the url parameter within the WGET check function until a patch is available. Avoid using the url parameter in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.