erohtar/Dasherr on GitHub
A minimal and lightweight dashboard for your self-hosted services (and bookmarks)
CVE History
CVE | Published | CVSS v2 | CVSS v3 |
---|---|---|---|
CVE-2023-23607 | 9.8 CRITICAL | N/A | |
erohtar/Dasherr is a dashboard for self-hosted services. In affected versions unrestricted file upload allows any unauthenticated user to execute arbitrary code on the server. The file /www/include/filesave.php allows for any file to uploaded to anywhere. If an attacker uploads a php file they can execute code on the server. This issue has been addressed in version 1.05.00. Users are advised to upgrade. There are no known workarounds for this issue. |