CVE-2023-30261 Information

Description

Command Injection vulnerability in OpenWB 1.6 and 1.7 allows remote attackers to run arbitrary commands via crafted GET request.

Reference

https://github.com/snaptec/openWB/pull/2673 https://eldstal.se/advisories/230329-openwb.html https://github.com/snaptec/openWB/issues/2672