Tag
openITCOCKPIT Community Edition before 5.5.2 is vulnerable to command injection, allowing authenticated users with host modification privileges to execute arbitrary OS commands on the monitoring backend via crafted host attributes in monitoring command templates.