Platform
other
Component
gocast
Fixed in
1.1.4
CVE-2024-21855 describes a critical authentication bypass vulnerability affecting GoCast versions 1.1.3 through 1.1.3. This flaw allows an attacker to execute arbitrary commands on the system without authentication. The vulnerability stems from a lack of proper authentication checks within the HTTP API functionality, enabling unauthorized access and control. A fix is available in version 1.1.4.
The impact of CVE-2024-21855 is severe. Successful exploitation allows an attacker to execute arbitrary commands on the affected GoCast instance. This could lead to complete system compromise, including data exfiltration, malware installation, and denial of service. The lack of authentication means an attacker doesn't need credentials to exploit this vulnerability, significantly broadening the potential attack surface. The ability to execute arbitrary commands provides the attacker with a high degree of control over the system, potentially allowing them to pivot to other systems on the network if the GoCast instance has network access.
CVE-2024-21855 was publicly disclosed on 2024-11-21. The vulnerability's ease of exploitation, combined with its critical severity, suggests a high probability of exploitation. No public proof-of-concept (PoC) code has been publicly released as of this writing, but the simplicity of the bypass makes it likely that PoCs will emerge quickly. It is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS
0.41% (61% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-21855 is to immediately upgrade GoCast to version 1.1.4 or later. If upgrading is not immediately feasible, consider implementing temporary workarounds such as restricting network access to the GoCast instance to only trusted sources. Review firewall rules to ensure only necessary ports are open. Monitor GoCast logs for suspicious activity, particularly unauthenticated HTTP requests targeting the API endpoints. While a WAF might offer some protection, it's unlikely to be sufficient without a direct patch.
Update GoCast to a version that addresses the lack of authentication vulnerability. Consult the vendor's website or release notes for instructions on how to update. If no version is available, consider disabling the HTTP API functionality or implementing strict access controls until a fix is released.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-21855 is a critical vulnerability in GoCast versions 1.1.3–1.1.3 that allows an attacker to execute commands without authentication.
Yes, if you are running GoCast version 1.1.3, you are affected by this vulnerability and should upgrade immediately.
Upgrade GoCast to version 1.1.4 or later to resolve this vulnerability. If upgrading is not possible, restrict network access to the GoCast instance.
While no active exploitation has been confirmed, the vulnerability's severity and ease of exploitation suggest a high likelihood of exploitation.
Refer to the official GoCast security advisory for detailed information and updates regarding CVE-2024-21855.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.