Skip to main content

Casaos

7 CVEs product

Monthly

CVE-2025-34171 MEDIUM This Month

Casaos contains a vulnerability that allows attackers to retrieve sensitive configuration files and system debug information (CVSS 5.3).

Information Disclosure Casaos
NVD GitHub
CVSS 4.0
6.9
EPSS
0.1%
CVE-2024-24767 Go CRITICAL POC PATCH Act Now

CasaOS-UserService provides user management functionalities to CasaOS. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Casaos
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-24765 Go CRITICAL POC PATCH Act Now

CasaOS-UserService provides user management functionalities to CasaOS. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Casaos
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-37469 Go HIGH POC PATCH This Week

CasaOS is an open-source personal cloud system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Command Injection Casaos
NVD GitHub
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-37266 Go CRITICAL POC PATCH Act Now

CasaOS is an open-source Personal Cloud system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Casaos
NVD GitHub
CVSS 3.1
9.8
EPSS
5.9%
CVE-2023-37265 Go CRITICAL POC PATCH Act Now

CasaOS is an open-source Personal Cloud system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Casaos Casaos Gateway
NVD GitHub
CVSS 3.1
9.8
EPSS
6.4%
CVE-2022-24193 Go CRITICAL POC PATCH Act Now

CasaOS before v0.2.7 was discovered to contain a command injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Casaos
NVD GitHub
CVSS 3.1
9.8
EPSS
6.0%
EPSS 0% CVSS 6.9
MEDIUM This Month

Casaos contains a vulnerability that allows attackers to retrieve sensitive configuration files and system debug information (CVSS 5.3).

Information Disclosure Casaos
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

CasaOS-UserService provides user management functionalities to CasaOS. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Casaos
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

CasaOS-UserService provides user management functionalities to CasaOS. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Casaos
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

CasaOS is an open-source personal cloud system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Command Injection Casaos
NVD GitHub
EPSS 6% CVSS 9.8
CRITICAL POC PATCH Act Now

CasaOS is an open-source Personal Cloud system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Casaos
NVD GitHub
EPSS 6% CVSS 9.8
CRITICAL POC PATCH Act Now

CasaOS is an open-source Personal Cloud system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Casaos Casaos Gateway
NVD GitHub
EPSS 6% CVSS 9.8
CRITICAL POC PATCH Act Now

CasaOS before v0.2.7 was discovered to contain a command injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Casaos
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy