High severity8.1NVD Advisory· Published Mar 12, 2024· Updated Jun 17, 2026
CVE-2024-28114
CVE-2024-28114
Description
Peering Manager is a BGP session management tool. There is a Server Side Template Injection vulnerability that leads to Remote Code Execution in Peering Manager <=1.8.2. As a result arbitrary commands can be executed on the operating system that is running Peering Manager. This issue has been addressed in version 1.8.3. Users are advised to upgrade. There are no known workarounds for this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=1.8.2+ 1 more
- (no CPE)range: <=1.8.2
- (no CPE)range: < 1.8.3
Patches
Vulnerability mechanics
References
5- github.com/peering-manager/peering-manager/commit/8a865fb596c11ad7caf45aef317d8fcbce7f85ffnvdPatch
- github.com/peering-manager/peering-manager/security/advisories/GHSA-q37x-qfrx-jcv6nvdExploitVendor Advisory
- owasp.org/www-community/attacks/Command_InjectionnvdNot Applicable
- owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/07-Input_Validation_Testing/18-Testing_for_Server_Side_Template_InjectionnvdNot Applicable
- stackoverflow.com/questions/73939573/how-to-sanitise-string-of-python-code-with-pythonnvdNot Applicable
News mentions
0No linked articles in our index yet.