Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.041
EPSS Ranking 89.6%