A lack of input validation exists in tac_plus prior to commit 4fdf178 which, when pre or post auth commands are enabled, allows an attacker who can control the username, rem-addr, or NAC address sent to tac_plus to inject shell commands and gain remote code execution on the tac_plus server.
[
{
"defaultStatus": "affected",
"product": "tac_plus",
"vendor": "Meta",
"versions": [
{
"lessThan": "4fdf178",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
]