CVE-2014-8990
CVE-2014-8990 affects Lsyncd up to version 2.1.5, where default-rsyncssh.lua does insufficient sanitising of filenames, allowing remote attackers to execute arbitrary commands via shell metacharacters embedded in a filename. The vulnerability is a remote code execution risk tied to how Lsyncd pro...