A high privileged remote attacker can execute arbitrary system commands via GET requests due to improper neutralization of special elements used in an OS command.CreditsSebastian DietzCyberDanubeReferenceshttps://cert.vde.com/en/advisories/VDE-2024-030https://cert.vde.com/en/advisories/VDE-2024-032http://seclists.org/fulldisclosure/2024/Jul/6
