PT-2020-17155 · Zeroshell · Zeroshell
Name of the Vulnerable Software and Affected Versions: Zeroshell version 3.9.3 Description: The issue allows an unauthenticated attacker to execute a system command by using shell metacharacters and the %0a character in the /cgi-bin/kerbynet API endpoint, specifically through the StartSessionSubm...