cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote malicious users to execute arbitrary OS commands via shell metacharacters in the username field, as demonstrated by a username beginning with "admin|" to use the '|' metacharacter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
innotube itguard manager 0.0.0.1 |