CVE-2024-58286

Source
https://cve.org/CVERecord?id=CVE-2024-58286
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-58286.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-58286
Published
2025-12-11T21:32:57.246Z
Modified
2026-07-08T07:03:33.068723626Z
Severity
  • 9.3 (Critical) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSS Calculator
Summary
dizqueTV 1.5.3 Remote Code Execution via FFMPEG Executable Path
Details

dizqueTV 1.5.3 contains a remote code execution vulnerability that allows attackers to inject arbitrary commands through the FFMPEG Executable Path settings. Attackers can modify the executable path with shell commands to read system files like /etc/passwd by exploiting improper input validation.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/58xxx/CVE-2024-58286.json",
    "cna_assigner": "VulnCheck",
    "cwe_ids": [
        "CWE-78"
    ]
}
References

Affected packages

Git / github.com/vexorian/dizquetv

Affected ranges

Type
GIT
Repo
https://github.com/vexorian/dizquetv
Events
Database specific
{
    "source": "AFFECTED_FIELD",
    "extracted_events": [
        {
            "introduced": "1.5.3"
        },
        {
            "last_affected": "1.5.3"
        }
    ]
}

Affected versions

1.*
1.5.3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-58286.json"