Jwpari

**Name of the Vulnerable Software and Affected Versions** Nagios Remote Plug-In Executor (NRPE) versions prior to 2.14 **Description** The issue is related to an incomplete blacklist vulnerability in the nrpc.c file. This vulnerability might allow remote attackers to execute arbitrary shell commands via `$()` shell metacharacters, which are processed by bash. **Recommendations** For versions prior to 2.14, update to version 2.14 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `$()` shell metacharacters in bash commands to minimize the risk of exploitation.