In the mtproto_proxy (aka MTProto proxy) component through 0.7.2 for Erlang, a low-privileged remote attacker can access an improperly secured default installation without authenticating and achieve remote command execution ability.
{ "github_reviewed_at": "2023-10-10T22:28:03Z", "cwe_ids": [ "CWE-1188", "CWE-94" ], "nvd_published_at": "2023-10-10T21:15:09Z", "severity": "HIGH", "github_reviewed": true }