CVE-2024-21855

Name of the Vulnerable Software and Affected Versions GoCast version 1.1.3

Description A lack of authentication issue exists in the HTTP API functionality, allowing a specially crafted HTTP request to lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this issue.

Recommendations For GoCast version 1.1.3, as a temporary workaround, consider restricting access to the HTTP API functionality until a patch is available. Avoid making unauthenticated HTTP requests to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.