The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechanism in the daemon in Verlihub 0.9.8d-RC2 and previous versions, when user triggers are enabled, allows remote malicious users to execute arbitrary commands via shell metacharacters in an argument.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
verlihub-project verlihub 0.9.8d |