Azams

**Name of the Vulnerable Software and Affected Versions** NetGain EM Plus version 10.1.68 **Description** The software contains a remote code execution issue that allows attackers to execute arbitrary system commands. Unauthenticated attackers can exploit this by sending malicious parameters to the ''script test.jsp'' endpoint. Specifically, attackers can send POST requests with shell commands embedded within the `content` parameter. This allows them to execute code and retrieve the command output. **Recommendations** Apply updates to address the issue in NetGain EM Plus version 10.1.68.