Vendor
CasaOS
Products
1
CVEs
2
Across products
2
Status
Private
Products
1- 2 CVEs
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-24193 | Cri | 0.57 | 9.8 | 0.06 | Mar 10, 2022 | CasaOS before v0.2.7 was discovered to contain a command injection vulnerability. | ||
| CVE-2025-34171 | 0.00 | — | 0.01 | Jan 3, 2026 | CasaOS versions up to and including 0.4.15 expose multiple unauthenticated endpoints that allow remote attackers to retrieve sensitive configuration files and system debug information. The /v1/users/image endpoint can be abused with a user-controlled path parameter to access… |
- risk 0.57cvss 9.8epss 0.06
CasaOS before v0.2.7 was discovered to contain a command injection vulnerability.
- CVE-2025-34171Jan 3, 2026risk 0.00cvss —epss 0.01
CasaOS versions up to and including 0.4.15 expose multiple unauthenticated endpoints that allow remote attackers to retrieve sensitive configuration files and system debug information. The /v1/users/image endpoint can be abused with a user-controlled path parameter to access…