The vulnerability of the “send and receive file” command handler in the Picocom terminal emulation software allows a hacker to execute any command they desire.

The vulnerability of the “send and receive file” command in the Picocom terminal emulation software lies in the lack of measures to sanitize input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by using /bin/sh to launch external commands...