ThinPLUS developed by ThinPLUS has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.Referenceshttps://www.twcert.org.tw/tw/cp-132-10512-e196b-1.htmlhttps://www.twcert.org.tw/en/cp-139-10513-0d82b-2.html
