CVE-2023-49213 Information

Description

The API endpoints in Ironman PowerShell Universal 3.0.0 through 4.2.0 allow remote attackers to execute arbitrary commands via crafted HTTP requests if a param block is used due to invalid sanitization of input strings. The fixed versions are 3.10.2 4.1.10 and 4.2.1.

Reference

https://docs.powershelluniversal.com/changelogs/changelog https://blog.ironmansoftware.com/powershell-universal-apis-cve/