VYPR
Vendor

CasaOS

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2022-24193CriMar 10, 2022
    risk 0.57cvss 9.8epss 0.06

    CasaOS before v0.2.7 was discovered to contain a command injection vulnerability.

  • CVE-2025-34171Jan 3, 2026
    risk 0.00cvss epss 0.01

    CasaOS versions up to and including 0.4.15 expose multiple unauthenticated endpoints that allow remote attackers to retrieve sensitive configuration files and system debug information. The /v1/users/image endpoint can be abused with a user-controlled path parameter to access…