The functionality for synchronization in HGiga OAKlouds'...
Critical severity
Unreviewed
Published
Feb 15, 2024
to the GitHub Advisory Database
•
Updated Jan 23, 2025
Description
Published by the National Vulnerability Database
Feb 15, 2024
Published to the GitHub Advisory Database
Feb 15, 2024
Last updated
Jan 23, 2025
The functionality for synchronization in HGiga OAKlouds' certain moudules has an OS Command Injection vulnerability, allowing remote attackers to inject system commands within specific request parameters. This enables the execution of arbitrary code on the remote server without permission.
References