CVE-2024-58286

Vulnerability Description

dizqueTV 1.5.3 contains a remote code execution vulnerability that allows attackers to inject arbitrary commands through the FFMPEG Executable Path settings. Attackers can modify the executable path with shell commands to read system files like /etc/passwd by exploiting improper input validation.

Related Weaknesses (CWE)

CWE-78

References

https://github.com/vexorian/dizquetv
https://www.exploit-db.com/exploits/52079
https://www.vulncheck.com/advisories/dizquetv-remote-code-execution-via-ffmpeg-e

FAQ

What is CVE-2024-58286?

CVE-2024-58286 is a documented vulnerability. dizqueTV 1.5.3 contains a remote code execution vulnerability that allows attackers to inject arbitrary commands through the FFMPEG Executable Path settings. Attackers can modify the executable path w...

How severe is CVE-2024-58286?

CVSS scoring is not yet available for CVE-2024-58286. Check NVD for updates.

Is there a patch for CVE-2024-58286?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.