CVE-2023-37469

Publication date

2023-08-24 22:12:10

Family

GitHub_M

State

PUBLISHED

Description

CasaOS is an open-source personal cloud system. Prior to version 0.4.4, if an authenticated user using CasaOS is able to successfully connect to a controlled SMB server, they are able to execute arbitrary commands. Version 0.4.4 contains a patch for the issue.