Product
icewhale casaos
7 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-34171
CVE-2024-24767
CVE-2024-24765
CVE-2023-37469
CVE-2023-37266
CVE-2023-37265
CVE-2022-24193
<= 0.4.15
CasaOS versions up to and including 0.4.15 expose multiple unauthenticated endpoints that allow remote attackers to retrieve sensi
>= 0.4.4.3 and < 0.4.7
CasaOS-UserService provides user management functionalities to CasaOS. Starting in version 0.4.4.3 and prior to version 0.4.7, Cas
< 0.4.7
CasaOS-UserService provides user management functionalities to CasaOS. Prior to version 0.4.7, path filtering of the URL for user
< 0.4.4
CasaOS is an open-source personal cloud system. Prior to version 0.4.4, if an authenticated user using CasaOS is able to successfu
< 0.4.4
CasaOS is an open-source Personal Cloud system. Unauthenticated attackers can craft arbitrary JWTs and access features that usuall
< 0.4.4
CasaOS is an open-source Personal Cloud system. Due to a lack of IP address verification an unauthenticated attackers can execute
< 0.2.7
CasaOS before v0.2.7 was discovered to contain a command injection vulnerability.