PT-2022-11471 · Zeroshell · Zeroshell
Name of the Vulnerable Software and Affected Versions: ZeroShell version 3.9.5 Description: The issue is a command injection vulnerability in the "/cgi-bin/kerbynet" API endpoint, specifically in the IP parameter. This may allow an authenticated attacker to execute system commands. Recommendation...