nvd-json-data-feeds/CVE-2024/CVE-2024-221xx/CVE-2024-22107.json

{
  "id": "CVE-2024-22107",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-02-02T16:15:55.090",
  "lastModified": "2024-02-02T16:30:16.430",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method systemSettingsDnsDataAction at /opt/webapp/src/AppBundle/Controller/React/SystemSettingsController.php is vulnerable to command injection via the /old/react/v1/api/system/dns/data endpoint. An authenticated attacker can abuse it to inject an arbitrary command and compromise the platform."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://adepts.of0x.cc/gtbcc-pwned/",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://x-c3ll.github.io/cves.html",
      "source": "cve@mitre.org"
    }
  ]
}
Auto-Update: 2024-02-02T17:00:25.658624+00:00 2024-02-02 17:00:29 +00:00			`{`
			`"id": "CVE-2024-22107",`
			`"sourceIdentifier": "cve@mitre.org",`
			`"published": "2024-02-02T16:15:55.090",`
			`"lastModified": "2024-02-02T16:30:16.430",`
			`"vulnStatus": "Awaiting Analysis",`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method systemSettingsDnsDataAction at /opt/webapp/src/AppBundle/Controller/React/SystemSettingsController.php is vulnerable to command injection via the /old/react/v1/api/system/dns/data endpoint. An authenticated attacker can abuse it to inject an arbitrary command and compromise the platform."`
			`}`
			`],`
			`"metrics": {},`
			`"references": [`
			`{`
			`"url": "https://adepts.of0x.cc/gtbcc-pwned/",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "https://x-c3ll.github.io/cves.html",`
			`"source": "cve@mitre.org"`
			`}`
			`]`
			`}`