Rocket.Chat is an open source team chat software. A command injection vulnerability exists in versions of Rocket.Chat prior to 3.8.14. The vulnerability stems from a failure of a network system or product to properly filter special characters, commands, etc. during user input to construct and execute commands. An attacker can exploit this vulnerability to cause arbitrary command execution.
CPE | Name | Operator | Version |
---|---|---|---|
rocket.chat rocket.chat | lt | 3.8.14 |