Bleeping Computer

Latest Command Injection news

Threat actors have been exploiting a command injection vulnerability in Array AG Series VPN devices to plant webshells and create rogue users. D-Link is warning of three remotely exploitable command ...
ZDNet

SaltStack revises partial patch for command injection, privilege escalation vulnerability

The Salt Project has issued a secondary fix for a command injection vulnerability after the first attempt to patch the issue partially failed. The vulnerability, tracked as CVE-2020-28243, impacts ...