Laznotlazy

**Name of the Vulnerable Software and Affected Versions** DTS Monitoring version 3.57.0 **Description** An issue was discovered in the software where the `url` parameter within the `WGET check` function is vulnerable to OS command injection, specifically blind command injection. This means an attacker could potentially inject system commands without directly seeing the output, making it harder to detect. **Recommendations** For DTS Monitoring version 3.57.0, as a temporary workaround, consider restricting or disabling the use of the `url` parameter within the `WGET check` function until a patch is available. Avoid using the `url` parameter in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.