CVE-2023-47862

Name of the Vulnerable Software and Affected Versions WWBN AVideo dev master commit 15fed957fb

Description A local file inclusion vulnerability exists in the getLanguageFromBrowser functionality. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send a series of HTTP requests to trigger this vulnerability.

Recommendations For WWBN AVideo dev master commit 15fed957fb, consider disabling the getLanguageFromBrowser functionality until a patch is available to prevent arbitrary code execution. Restrict access to the affected functionality to minimize the risk of exploitation. Avoid using the vulnerable functionality in the affected HTTP requests until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.