The vulnerability of the lib/ajaxHandlers/ajaxAddTemplate.php component, a utility for managing network device configurations using the rConfig protocol, allows a attacker to execute arbitrary operating system commands.

The vulnerability of the lib/ajaxHandlers/ajaxAddTemplate.php utility, which is used to manage network device configurations in the rConfig framework, exists because special elements used in the operating system command are not properly eliminated. Exploiting this vulnerability allows a malicious...