Xiaoming-King

**Name of the Vulnerable Software and Affected Versions** Varisicte matrix-gui version 2 **Description** A SQL injection issue allows a remote attacker to execute arbitrary code via the `shell exect` parameter to the "/www/pages/matrix-gui-2.0" endpoint. This enables the attacker to potentially gain unauthorized access and control over the system. **Recommendations** For Varisicte matrix-gui version 2, as a temporary workaround, consider restricting access to the "/www/pages/matrix-gui-2.0" endpoint until a patch is available. Additionally, avoid using the `shell exect` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.