Posted by Kyle Neideck on Mar 05

Remote code execution via CSRF vulnerability in the web UI of Deluge 1.3.13

Kyle Neideck, February 2017

Product
——-

Deluge is a BitTorrent client available from http://deluge-torrent.org.

Fix
—

Fixed in the (public) source code, but not in binary releases yet. See
http://git.deluge-torrent.org/deluge/commit/?h=develop&id=11e8957deaf0c76fdfbac62d99c8b6c61cfdddf9
and…