Mgetty Command Injection Vulnerability (CNVD-2019-03439)
Mgetty is a getty replacement program for data and fax operations. A command injection vulnerability exists in Mgetty versions prior to 1.2.1, which stems from the 'doactivate' function failing to properly filter shell metacharacters in the fax/faxq-helper.c file, which can be exploited by an...