PT-2014-9129 · Egroupware · Egroupware

Published: 2014-05-17 · Updated: 2014-05-17

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions

eGroupWare versions prior to 1.8.007

Description

The issue allows logged-in users with administrative privileges to remotely execute arbitrary commands on the server. The software is also affected by a cross-site request forgery vulnerability that allows creating new administrative users.

Recommendations

For versions prior to 1.8.007, update to version 1.8.007 or later to resolve the issue. As a temporary workaround, consider restricting administrative privileges to minimize the risk of exploitation. Restrict access to sensitive areas of the application to prevent cross-site request forgery attacks.

Related Identifiers

MGASA-2014-0221

Affected Products

Egroupware