Centova Cast Denial-of-Service Vulnerability
Vulnerability
A denial-of-service vulnerability has been identified in Centova Cast version 3.2.12. This issue allows attackers to overload the system by repeatedly accessing the database export API endpoint. Sending multiple concurrent requests to the /api.php endpoint with manipulated parameters can drive CPU usage to 100%.
Impact
Exploitation of this vulnerability causes the application to consume 100% of the CPU resources on all cores, leading to a significant degradation of service.
Reproduction
The vulnerability can be reproduced by sending multiple concurrent requests to the /api.php endpoint, using a reseller or admin username and password. The requests should include parameters that trigger the database export action, effectively causing the server to process the requests simultaneously and exhaust CPU resources.
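For detection, the request pattern described above appears in web access logs as a burst of /api.php requests from a single client. The following is an added example, not part of the original advisory or of Centova's code; it assumes Combined Log Format lines in time order, and the sample log, IP addresses, window and threshold are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumption: the web server in front of Centova Cast writes Combined Log Format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)

# Constructed sample log (documentation IP ranges, not real traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [12/Mar/2024:10:00:00 +0000] "POST /api.php HTTP/1.1" 200 512
192.0.2.10 - - [12/Mar/2024:10:00:00 +0000] "POST /api.php HTTP/1.1" 200 512
192.0.2.10 - - [12/Mar/2024:10:00:01 +0000] "POST /api.php?constructed=1 HTTP/1.1" 200 512
192.0.2.10 - - [12/Mar/2024:10:00:01 +0000] "POST /api.php HTTP/1.1" 200 512
192.0.2.10 - - [12/Mar/2024:10:00:02 +0000] "POST /api.php HTTP/1.1" 200 512
198.51.100.7 - - [12/Mar/2024:10:00:00 +0000] "POST /api.php HTTP/1.1" 200 512
198.51.100.7 - - [12/Mar/2024:10:00:03 +0000] "GET /index.php HTTP/1.1" 200 2048
198.51.100.7 - - [12/Mar/2024:10:01:30 +0000] "POST /api.php HTTP/1.1" 200 512
""".splitlines()

def find_api_bursts(lines, window_s=5, threshold=4, path="/api.php"):
    """Return {client_ip: peak_count} for clients that sent at least `threshold`
    requests to `path` inside any sliding window of `window_s` seconds."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)   # per-client timestamps still inside the window
    peaks = {}
    for line in lines:
        m = LOG_RE.match(line)
        # Skip malformed lines and requests to other paths (query string ignored).
        if not m or m["target"].split("?", 1)[0] != path:
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window:  # drop timestamps that fell out of the window
            q.popleft()
        if len(q) >= threshold:
            peaks[m["ip"]] = max(peaks.get(m["ip"], 0), len(q))
    return peaks

if __name__ == "__main__":
    print(find_api_bursts(SAMPLE_LOG))
```

Access logs usually record one timestamp per request, so a tight burst is only a proxy for concurrency; correlate flagged clients with CPU load on the host before acting on them.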
