An arbitrary code execution vulnerability exists in Caldera version 2.8.1, a suite of software from the French company Caldera that provides color management, imaging, and processing solutions for printer devices. The vulnerability stems from the Human plugin passing unfiltered name parameters to the python “os.system” function. An attacker could exploit this vulnerability to escape the current command with shell metacharacters and execute arbitrary shell commands.