Zeroshell: >> Zeroshell >> 3.9.3 Security Vulnerabilities
Zeroshell 3.9.3 contains a command injection vulnerability in the /cgi-bin/kerbynet StartSessionSubmit parameter that could allow an unauthenticated attacker to execute a system command by using shell metacharacters and the %0a character.
CVSS Score
9.8
EPSS Score
0.402
Published
2020-11-30