ZSPACE Z4Pro+ 命令注入漏洞
ZSPACE Z4Pro+ is a private cloud storage device from China Pole Space ZSPACE. A command injection vulnerability exists in ZSPACE Z4Pro+ version 1.0.0440024, which originates from a misuse of the function zfilev2apiSafeStatus in the file /v2/file/safe/status, which could lead to command injection...