While most of us love an ‘open house’, it seems CasaOS, the open-source personal cloud software, is a little too open for comfort. Two significant security flaws have prowled into our digital living room, potentially allowing culprits to execute arbitrary code and potentially take full control of vulnerable systems.
In a surprise ‘visit’, two high-risk bugs gatecrashed the CasaOS party. Bearing the monikers CVE-2023-37265 and CVE-2023-37266, each of these baddies flaunts a high CVSS score of 9.8. Just like people who refuse to leave at the end of a party, these bugs are beginning to overstay their welcome!
Every good party needs a bouncer and in this case, it’s Sonar security researcher Thomas Chauchefoin. His watchful eyes spotted the uninvited guests, providing us with valuable intel about these nasty party crashers.
To sum it up, our friendly open-source CasaOS has unwanted visitors posing an immense security risk. Bearing names like CVE-2023-37265 and CVE-2023-37266, these high-risk flaws with scores of 9.8 have snuck in uninvited. But thanks to our very own bug-bouncer, Thomas Chauchefoin, we’re now on high alert! So, let’s gear up and ensure these pests are shown the digital door!
Hang tight, techies! Remember, party hard, but security harder! Because the only ‘bugs’ we want at our party are the ones crawling around in the garden!
Original Article: https://thehackernews.com/2023/10/critical-vulnerabilities-uncovered-in.html
No products in the cart.