xunfeng Command Injection Vulnerability
xunfeng is a rapid vulnerability response and asset scanning system for enterprise intranets. A command injection vulnerability exists in xunfeng version 0.2.0, which stems from the failure of the masscan.py file to properly handle backquote characters and can be exploited by an attacker to execu...