CVE-2022-50909 Algo 8028 Control Panel - Remote Code Execution (RCE) (Authenticated)
Algo 8028 Control Panel version 3.3.3 contains a command injection vulnerability in the fm-data.lua endpoint that allows authenticated attackers to execute arbitrary commands. Attackers can exploit the insecure 'source' parameter by injecting commands that are executed with root privileges,...