op5 Monitor license.php Remote Command Execution (CVE-2012-0261)

A command execution vulnerability has been reported in op5 Monitor. The vulnerability is due to an input validation flaw related to the system-op5config component. A remote attacker can exploit this vulnerability to execute arbitrary shell commands via command injection...

CVE-2012-0262

op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter...