A command injection exploit in the legacy UI php code was resolved in version 9.2
A command injection exploit in the legacy UI .php code was resolved in version 9.2.
To resolve this issue, upgrade your appliance to version 9.2.
This exploit was caused by two factors:
- A lack of authorization check on the update functionality.
- Improperly filtered input used as a command line parameter to yum.