VYPR

Craftbeerpi4

by Pibrewing

Source repositories

CVEs (1)

  • CVE-2024-3955CriMay 2, 2024
    risk 0.64cvss 9.8epss 0.01

    URL GET parameter "logtime" utilized within the "downloadlog" function from "cbpi/http_endpoints/http_system.py" is subsequently passed to the "os.system" function in "cbpi/controller/system_controller.py" without prior validation allowing to execute arbitrary code.This issue…