GHSA-P8GP-2W28-MHWG Signal K set-system-time plugin vulnerable to RCE - Command Injection
Summary A Command Injection vulnerability allows authenticated users with write permissions to execute arbitrary shell commands on the Signal K server when the set-system-time plugin is enabled. Unauthenticated users can also exploit this vulnerability if security is disabled on the Signal K...