Bitdefender BOX 2 Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) Vulnerability
Bitdefender BOX 2 suffers from improper neutralization of special elements used in an os command (‘OS Command Injection’) vulnerability
The information has been provided by Claudio Bozzato
The original article can be found at:https://www.bitdefender.com/support/security-advisories/bitdefender-box-2-bootstrap-get_image_size-command-injection-vulnerability/
A OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the manipulation of the `get_image_url()` function in special circumstances to inject a system command.
Bitdefender BOX 2