cgi-bin/kerbynet in ZeroShell 1.0beta11 and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in the type parameter in a NoAuthREQ x509List action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zeroshell zeroshell 1.0 |