Description
Command Injection in tomato
All versions of tomato are vulnerable to Command Injection. The /api/exec endpoint does not validate user input, allowing attackers to run arbitrary commands on the system.
Recommendation
No fix is currently available. Consider using an alternative module until a fix is made available.
Packages
Name
tomato
npm
Affected versions
Fixed version
None
Weaknesses
CWE-77