ByteOS Network

NVD Vulnerability Details :

CVE-2024-58286

Awaiting Analysis

Source-disclosure@vulncheck.com

Published At-11 Dec, 2025 | 22:15

Updated At-12 Dec, 2025 | 15:17

dizqueTV 1.5.3 contains a remote code execution vulnerability that allows attackers to inject arbitrary commands through the FFMPEG Executable Path settings. Attackers can modify the executable path with shell commands to read system files like /etc/passwd by exploiting improper input validation.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	9.3	CRITICAL	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Type: Secondary

Version: 4.0

Base score: 9.3

Base severity: CRITICAL

Vector:

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Weaknesses

CWE ID	Type	Source
CWE-78	Primary	disclosure@vulncheck.com

CWE ID: CWE-78

Type: Primary

Source: disclosure@vulncheck.com

References

Hyperlink	Source	Resource
https://github.com/vexorian/dizquetv	disclosure@vulncheck.com	N/A
https://www.exploit-db.com/exploits/52079	disclosure@vulncheck.com	N/A
https://www.vulncheck.com/advisories/dizquetv-remote-code-execution-via-ffmpeg-executable-path	disclosure@vulncheck.com	N/A