CVE-2022-40969
CVE-2022-40969 (Siretta QUARTZ-GOLD) is a OS command injection vulnerability in the httpd delfile.cgi file-management endpoint. Talos reports that the delfile.cgi handler accepts a parameter named _filename, appends it to a base folder path, and then executes rm -rf / via system(), with the filen...