2 matches found
CVE-2021-41738
ZeroShell 3.9.5 has a command injection vulnerability in /cgi-bin/kerbynet IP parameter, which may allow an authenticated attacker to execute system commands...
CVE-2021-41738
ZeroShell 3.9.5 is affected by a command injection in the /cgi-bin/kerbynet endpoint (IP parameter). An authenticated attacker could execute system commands through this parameter. Affected product/version: ZeroShell 3.9.5. Root cause: command injection via the IP parameter in kerbynet. Impact: p...