0.956 High
EPSS
Percentile
99.4%
Zeroshell 3.9.3 contains a command injection vulnerability in the /cgi-bin/kerbynet StartSessionSubmit parameter that could allow an unauthenticated attacker to execute a system command by using shell metacharacters and the %0a character.
blog.quake.so/post/zeroshell_linux_router_rce/