CVE-2007-3572
The vulnerability CVE-2007-3572 affects the Yoggie Pico and Pico Pro (web interface cgi-bin/runDiagnostics.cgi). An incomplete blacklist allows remote attackers to execute arbitrary commands by supplying shell metacharacters in the param parameter, demonstrated with URL-encoded backtick character...