2025-07-21 09:29:32
CERTVDE
PUBLISHED
A high privileged remote attacker can execute arbitrary system commands via POST requests in the send_sms action due to improper neutralization of special elements used in an OS command.